firecrawl
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly calls the Firecrawl API (see scripts/scrape.py, scripts/crawl.py, scripts/search.py and SKILL.md) to fetch/scrape arbitrary public URLs (POST https://api.firecrawl.dev/v1/scrape, /v1/crawl, /v1/search) and returns page markdown/html content that the agent is expected to read and could materially influence subsequent actions, exposing it to untrusted third‑party content.
Audit Metadata