firecrawl-build-interact

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs using Firecrawl’s /interact to drive clicks, form fills, navigation and extraction on web pages (e.g., “Use this when /scrape is not enough” and examples like search forms, paginated results, login‑gated dashboards), which means the agent will fetch and interpret content from third‑party public websites as part of its workflow.