Back to skill

Security audit

Firecrawl Web Scraper

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Firecrawl scraping skill that uses an external API as advertised, with privacy and credit-use considerations users should understand.

Install this only if you intend to use Firecrawl as a third-party scraping service. Do not submit private internal URLs, secrets embedded in URLs, proprietary pages, or regulated data unless sharing them with Firecrawl is acceptable, and start with low crawl/search limits to control credit usage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (11)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill promotes scraping, crawling, and search through the external Firecrawl API but does not warn users that their target URLs, search queries, and retrieved page content are transmitted to a third party. This omission can lead to inadvertent disclosure of sensitive research targets, internal URLs, proprietary content, or regulated data to an external service.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script sends user-supplied URLs and search queries, along with scraping/crawling parameters, to the external Firecrawl service without an explicit disclosure or consent mechanism at the point of use. In an agent-skill context, users may assume processing is local, so this can unintentionally expose sensitive URLs, internal targets, or proprietary queries to a third party.

External Transmission

Medium
Category
Data Exfiltration
Content
payload["waitFor"] = wait_for
    
    try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/scrape",
            headers={
                "Content-Type": "application/json",
Confidence
88% confidence
Finding
requests.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
payload["includePaths"] = include_paths
    
    try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/crawl",
            headers={
                "Content-Type": "application/json",
Confidence
88% confidence
Finding
requests.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
}
    
    try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/search",
            headers={
                "Content-Type": "application/json",
Confidence
88% confidence
Finding
requests.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
payload["waitFor"] = wait_for
    
    try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/scrape",
            headers={
                "Content-Type": "application/json",
Confidence
88% confidence
Finding
requests.post( "https://api.firecrawl.dev/v1/scrape", headers={ "Content-Type": "application/json", "Authorization": f"Bearer {api_key}"

External Transmission

Medium
Category
Data Exfiltration
Content
payload["includePaths"] = include_paths
    
    try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/crawl",
            headers={
                "Content-Type": "application/json",
Confidence
88% confidence
Finding
requests.post( "https://api.firecrawl.dev/v1/crawl", headers={ "Content-Type": "application/json", "Authorization": f"Bearer {api_key}"

External Transmission

Medium
Category
Data Exfiltration
Content
}
    
    try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/search",
            headers={
                "Content-Type": "application/json",
Confidence
88% confidence
Finding
requests.post( "https://api.firecrawl.dev/v1/search", headers={ "Content-Type": "application/json", "Authorization": f"Bearer {api_key}"

External Transmission

Medium
Category
Data Exfiltration
Content
try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/scrape",
            headers={
                "Content-Type": "application/json",
                "Authorization": f"Bearer {api_key}"
Confidence
86% confidence
Finding
https://api.firecrawl.dev/

External Transmission

Medium
Category
Data Exfiltration
Content
try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/crawl",
            headers={
                "Content-Type": "application/json",
                "Authorization": f"Bearer {api_key}"
Confidence
86% confidence
Finding
https://api.firecrawl.dev/

External Transmission

Medium
Category
Data Exfiltration
Content
try:
        response = requests.post(
            "https://api.firecrawl.dev/v1/search",
            headers={
                "Content-Type": "application/json",
                "Authorization": f"Bearer {api_key}"
Confidence
86% confidence
Finding
https://api.firecrawl.dev/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.