firecrawl-scraper
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions provide an installation command 'npx skills add -g BenedictKing/firecrawl-scraper' which fetches code from a community GitHub repository that is not associated with the provided author context (sickn33).
- [PROMPT_INJECTION]: The skill processes untrusted external data from websites and PDF files, creating an attack surface for indirect prompt injection.
  - Ingestion points: Web pages and PDF files retrieved via scraping and crawling.
  - Boundary markers: No explicit delimiters are specified to separate untrusted data from system instructions.
  - Capability inventory: Includes browser interaction capabilities like clicking and scrolling which could be manipulated.
  - Sanitization: No sanitization or validation of the ingested content is mentioned.
Audit Metadata