Skills
skills/carlvellotti/cc4pms-mastery-bonus/web-research/Gen Agent Trust Hub

web-research

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands via firecrawl and npx firecrawl to perform web scraping, site mapping, and crawling. These operations are restricted to the Firecrawl utility as defined in the skill's tool configuration.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx to execute the Firecrawl CLI, which involves fetching the package from the official npm registry. Firecrawl is a recognized service for converting web content into LLM-friendly formats.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks common to all web-research tools that ingest untrusted third-party data.
  • Ingestion points: External data enters the agent's context through search results (tavily_search), extracted snippets (tavily_extract), and full-page scraping (firecrawl scrape) as defined in SKILL.md.
  • Boundary markers: The skill does not explicitly instruct the use of delimiters (e.g., XML tags) to wrap external content, though it emphasizes citing sources and flagging conflicting information.
  • Capability inventory: The skill has access to shell command execution (Bash) and file system writes (writing to the .firecrawl/ directory).
  • Sanitization: No specific sanitization or filtering of fetched HTML/markdown content is mentioned prior to the synthesis step.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 07:07 AM