deep-research-firecrawl
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No markers for bypassing safety filters, system prompt extraction, or instruction overrides were found. The instructional language in SKILL.md is standard and benign.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive system paths (e.g., ~/.aws/credentials) or hardcoded secrets were detected. Network activity is confined to the documented Firecrawl MCP tools.
- [Obfuscation] (SAFE): Analysis found no Base64-encoded commands, zero-width characters, homoglyphs, or other obfuscation techniques.
- [Unverifiable Dependencies] (SAFE): The core scripts rely exclusively on the Python standard library (re, pathlib, hashlib, etc.). No external package installations or remote script executions are performed.
- [Indirect Prompt Injection] (SAFE): While the skill ingests untrusted web data via Firecrawl, it does not possess dangerous write or execute capabilities that would allow this vector to compromise the host system.
- [Privilege Escalation] (SAFE): No use of sudo, chmod, or other privilege-altering commands was identified.
Audit Metadata