skills/seranking/seo-skills/seo-firecrawl/Snyk

seo-firecrawl

Warn

Audited by Snyk on Jun 25, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.95). Firecrawl Orchestrator ingests outsider-authored free text by calling the Firecrawl MCP tools (e.g., mcp__firecrawl-mcp__firecrawl_scrape/map/crawl/search) on user-supplied target URLs/domains, then writing the returned page content/markdown (RAW.md, META.md, MATCHES.md) into the agent’s LLM context for parsing/synthesis.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 25, 2026, 01:08 PM

Issues

1

Security Audit — snyk — seo-firecrawl