firecrawl-knowledge-ingest
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from external documentation portals, creating a surface for indirect prompt injection attacks.
- Ingestion points: Portal content extracted from URLs provided during the onboarding interview (SKILL.md).
- Boundary markers: Absent; the instructions do not specify delimiters to isolate external content from system prompts.
- Capability inventory: Utilizes the Firecrawl browser and extraction tools to process external content (SKILL.md).
- Sanitization: No explicit sanitization or content validation steps are mentioned.
- [SAFE]: No evidence of malicious behavior, data exfiltration, or obfuscation was found. All external resources and API requirements align with the vendor's known infrastructure and the skill's stated purpose.
Audit Metadata