firecrawl-scrape
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data from the internet.
- Ingestion points: Content is ingested from external URLs and search results via the scripts/mcp/firecrawl_scrape.py script.
- Boundary markers: The skill does not define specific delimiters or instructions to the agent to ignore potentially malicious commands embedded in the scraped data.
- Capability inventory: The skill is authorized to use the Bash and Read tools.
- Sanitization: No logic for sanitizing or filtering the retrieved web content is specified in the skill metadata.
Audit Metadata