Low
github · 23 files analyzed
firecrawl/firecrawl-mcp-server
Minor capabilities, nothing alarming.
- Outbound network: 3
- Environment variables (config / keys): 3
- Sensitive credential files: 1
AI review
The Firecrawl MCP server appears to be a legitimate web scraping service with no evidence of malicious intent. The code shows standard API integration patterns, proper authentication handling, and transparent tool descriptions. The main risks are typical for any web scraping service rather than security vulnerabilities in the extension itself.
- low Standard API key usage for external service — The extension requires a Firecrawl API key for accessing their web scraping service, which is normal for legitimate API integrations. No evidence of credential exfiltration or misuse.
- low Network requests to legitimate Firecrawl API endpoints — All network calls are directed to Firecrawl's documented API endpoints for web scraping operations. No suspicious external domains or data exfiltration attempts detected.
- clean Clear tool descriptions matching stated purpose — Tool names and descriptions accurately reflect web scraping functionality (search, scrape, monitor pages). No deceptive tool naming or hidden capabilities found.
- clean Proper error handling and authentication flow — The code shows robust error handling for authentication failures and API errors. OAuth token validation follows standard security practices.
Model: deepseek/deepseek-chat-v3.1
Static findings
Sensitive credential files · Reads sensitive credential files
- info · .github/workflows/publish.yml:34 · run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
Outbound network · Makes outbound network requests
- low · src/index.ts:114 · const response = await fetch(getOAuthIntrospectionEndpoint(), {
- low · src/monitor.ts:58 · const response = await fetch(url, {
Environment variables (config / keys) · Reads environment variables (config / API keys)
- low · src/index.ts:52 · normalizeHeader(process.env.FIRECRAWL_OAUTH_TOKEN) ??
- low · src/legacy/index.md:921 · const FIRECRAWL_API_URL = process.env.FIRECRAWL_API_URL;
- low · src/monitor.ts:29 · const apiKey = session?.firecrawlApiKey ?? process.env.FIRECRAWL_API_KEY;
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.