firecrawl-build

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md and references/integration-patterns.md) explicitly instructs integrating Firecrawl endpoints (/scrape, /search, /interact, /crawl, /map) to fetch and ingest live web pages (e.g., documentation imports, competitor pages, answer generation from fresh sources), which are open/public third-party content that the agent would read and use to drive actions—exposing it to potential indirect prompt injection.