Firecrawl Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Firecrawl helper for extracting structured website data, with no hidden code or deceptive behavior found.

Install this if you intend to use Firecrawl for autonomous website data extraction. Use trusted target URLs, set an explicit output path in a dedicated directory, consider --max-credits to control cost, and review generated JSON before using it downstream.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (90% confidence)
Finding
The trigger list includes broad natural-language phrases such as 'get all the products' and 'extract as JSON' that can match common user requests outside a narrowly intended scope. This increases the chance the skill is invoked unexpectedly, causing autonomous navigation of external sites and local file output when a simpler or safer tool may have been more appropriate.

Missing User Warnings

Medium (93% confidence)
Finding
The skill documentation describes autonomous extraction but does not prominently warn that the agent will navigate external websites and write results to local output files. Without that disclosure, users or upstream agents may invoke it without understanding the network access, persistence, cost, and data-handling implications, increasing the risk of unintended scraping or unsafe file writes.

VirusTotal

64/64 vendors flagged this skill as clean.