Grade: Clean
- Outbound network: 3
- Environment variables (config / keys): 3
- Sensitive credential files: 1
AI review
The Firecrawl MCP server appears to be a legitimate web scraping extension with proper API key authentication. No evidence of prompt injection, data exfiltration, or deceptive behavior was found. The extension follows standard security practices for handling API credentials.
- low Standard API key handling — The extension reads FIRECRAWL_API_KEY and FIRECRAWL_OAUTH_TOKEN from environment variables, which is the expected authentication method for a web scraping service.
- low Proper network communication — Network calls to firecrawl.dev domains are expected for a legitimate web scraping service.
- low Normal CI/CD configuration — The npm token usage in GitHub Actions is standard practice for publishing packages.
Model: deepseek/deepseek-chat-v3.1
Static findings
Sensitive credential files · Reads sensitive credential files
- info .github/workflows/publish.yml:34
  run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
Outbound network · Makes outbound network requests
- low src/index.ts:114
  const response = await fetch(getOAuthIntrospectionEndpoint(), {
- low src/monitor.ts:58
  const response = await fetch(url, {
Environment variables (config / keys) · Reads environment variables (config / API keys)
- low src/index.ts:52
  normalizeHeader(process.env.FIRECRAWL_OAUTH_TOKEN) ??
- low src/legacy/index.md:921
  const FIRECRAWL_API_URL = process.env.FIRECRAWL_API_URL;
- low src/monitor.ts:29
  const apiKey = session?.firecrawlApiKey ?? process.env.FIRECRAWL_API_KEY;
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.