Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Firecrawl Mcp
v0.1.1Auto-generated skill for firecrawl-mcp tools via OneKey Gateway.
⭐ 0· 105·0 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (firecrawl-mcp via OneKey Gateway) align with the included Python scripts that call OneKeyAgentRouter to perform scrape/crawl/search/agent/browser operations. However registry metadata claims no required env vars or install spec while SKILL.md declares a required env var (DEEPNLP_ONEKEY_ROUTER_ACCESS) and installation steps — this mismatch is an incoherence in packaging/metadata.
Instruction Scope
SKILL.md and the scripts limit actions to invoking the OneKey gateway with JSON payloads (via --data or --data-file). The skill does not instruct reading arbitrary host files beyond user-supplied data_file, nor accessing unrelated env vars or system paths. The browser Execute API accepts 'code' to run in a remote browser session — powerful but consistent with a browsing/crawling tool.
Install Mechanism
Installation is via public package names (npm @aiagenta2z/onekey-gateway and pip ai-agent-marketplace) as documented in SKILL.md. The registry metadata earlier said 'no install spec' despite SKILL.md containing install commands — this inconsistency should be clarified. The install method itself does not use obscure download URLs, but installing global npm packages and third-party pip packages carries usual supply-chain risk and you should verify package provenance.
Credentials
The only declared required secret is DEEPNLP_ONEKEY_ROUTER_ACCESS, which is appropriate for a gateway-based tool. However the scripts fall back to a hard-coded demo key (BETA_TEST_KEY_MARCH_2026) when the env var is not set; that default means requests may be routed through the provider/demo account if you forget to set your own key, potentially exposing scraped data or metadata to a third party. Confirm that you are willing to route data through the OneKey provider and that the provider's policies are acceptable.
Persistence & Privilege
Skill does not request always:true, does not modify other skills or system-wide configs, and uses autonomous invocation defaults. Nothing indicates elevated persistence or cross-skill privilege.
What to consider before installing
This package appears to be a OneKey-gateway client for web scraping and agent-driven browsing and the included scripts match that purpose — but there are a few things to confirm before installing:
- Metadata mismatch: the registry listing omitted required env vars/install info that appear in SKILL.md. Ask the publisher why metadata differs and ensure SKILL.md is the authoritative spec.
- API key handling: set your own DEEPNLP_ONEKEY_ROUTER_ACCESS; otherwise the code will use a public demo key (BETA_TEST_KEY_MARCH_2026) which may route your requests and scraped content through the provider. Do not send sensitive data when using the demo key.
- Packages: verify the npm package @aiagenta2z/onekey-gateway and pip package ai-agent-marketplace are from trustworthy sources before running npm -g / pip install. Installing third-party packages globally has supply-chain risk.
- Capability caution: some APIs (firecrawl_browser_execute) accept code to execute in a remote browser session. Keep only non-sensitive URLs/content and review responses you send to or receive from the gateway.
If you need higher assurance, ask the publisher for: a canonical homepage/repo, explanation of the metadata inconsistencies, the network endpoints used by the ai-agent-marketplace library, and a vetted package source (PyPI/GitHub release) before proceeding.Like a lobster shell, security has layers — review code before you run it.
latestvk975bp9q7bs5v7hvtpnpnajkr983dqgy
License
MIT-0
Free to use, modify, and redistribute. No attribution required.