firecrawl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests arbitrary public web content via the Firecrawl API (see SKILL.md and references/api.md) and the runtime scripts (scripts/scrape.py, scripts/crawl.py, scripts/search.py) that scrape/crawl/search external URLs and print or use the returned page markdown/html, exposing the agent to untrusted third-party content that could contain instructional prompt-injection.