tech-docs-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly uses firecrawl map/scrape to discover and scrape public documentation URLs (including user-provided or inferred base URLs) and then reads and analyzes the scraped pages in .firecrawl/.../pages/, which exposes the agent to arbitrary third‑party web content that could contain untrusted or user-generated input.