firecrawl

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly calls the Firecrawl web API to search, scrape, and crawl arbitrary public websites (see SKILL.md and the runtime scripts scripts/scrape.py, scripts/crawl.py, and scripts/search.py), ingesting untrusted third‑party web content that the agent reads and presents as part of its workflow, which could carry indirect prompt injections.