firecrawl-scraper

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The installation command npx skills add -g BenedictKing/firecrawl-scraper downloads and executes code from a personal GitHub repository. This source is not included in the trusted organizations or repositories list, making the dependency unverifiable via static analysis of the skill definition alone.
  • PROMPT_INJECTION (LOW): This skill is vulnerable to Indirect Prompt Injection (Category 8). It ingests untrusted data from external web pages and PDFs which could contain hidden instructions to manipulate the agent.
      • Ingestion points: Scraped web pages, crawling results, and PDF documents via Firecrawl API.
      • Boundary markers: None specified in the documentation to delimit untrusted web content from instructions.
      • Capability inventory: Deep content extraction, page interaction (clicking/scrolling), and batch crawling.
      • Sanitization: No explicit sanitization or filtering of external content is mentioned.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:46 PM