Firecrawl Build Interact
Security checks across malware telemetry and agentic risk
Overview
This skill is a documentation-only Firecrawl integration guide that clearly discloses its API key requirement and browser-interaction purpose.
Install only if you intend to integrate Firecrawl. Treat FIRECRAWL_API_KEY as a secret, review any code the agent writes before it runs browser actions against authenticated sites, and avoid persistent profiles unless your workflow clearly needs saved login state.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.