Firecrawl
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is mostly a Firecrawl API guide, but it needs review because it includes login/form automation and Cloudflare-bypass guidance, while relying on an unbundled local CLI and API key.
Install only if you trust your local Firecrawl CLI and are comfortable giving the agent a Firecrawl API key. Before use, set clear rules that the agent must ask before running crawls with meaningful cost, interacting with login pages, filling forms, or attempting any Cloudflare or access-control bypass.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could use the remote Firecrawl service to interact with login pages or forms in ways the user did not explicitly approve.
The skill exposes raw REST browser actions that can click and write into login pages, but it does not define approval, credential-handling, or scope limits for authenticated or form-filling activity.
**Page needing clicks / login** | `fc interact` ... Example — `interact` (clicks / form-fill) ... "url": "https://example.com/login" ... {"type": "click" ...} ... {"type": "write" ...}
Require explicit user confirmation before any login, form-fill, click, or authenticated-page scraping, and avoid sending passwords or private account data unless the user clearly asks for it.
Using this guidance could violate site terms or bypass anti-bot/security controls.
The included example asks for guidance on bypassing Cloudflare, which could steer an agent toward evading website protections rather than ordinary permitted scraping.
fc docs "how do I bypass cloudflare?"
Do not use the skill to bypass bot protections, paywalls, access controls, or other site restrictions; limit scraping to permitted content.
If the key is misused, the user could consume Firecrawl credits or expose their Firecrawl account access.
The skill requires a Firecrawl bearer API key, which is expected for the provider but gives the agent access to a paid external service.
**Key:** store at `~/.openclaw/credentials/firecrawl/api_key` (`chmod 600`). ... **Auth:** `Authorization: Bearer fc-...`
Use a limited Firecrawl key if available, keep it chmod 600, do not commit it, and monitor usage and billing.
The safety of actual `fc` commands depends on the user's local CLI implementation, not just this SKILL.md.
The reviewed package is instruction-only, while the operational CLI is a local executable not included in the artifacts, so its behavior and provenance are outside this scan.
**CLI:** `~/bin/fc` → your local `fc.cjs` (Node CommonJS, zero dependencies).
Install the CLI only from a trusted source, review the local `fc.cjs` before use, and ensure `~/bin/fc` points to the expected file.
