# Pitfall Log

Project: firecrawl/firecrawl-mcp-server

Summary: Found 29 structured pitfall item(s), including 2 high/blocking item(s). Top priority: Installation risk - Installation risk requires verification.

## 1. Installation risk - Installation risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/firecrawl/firecrawl-mcp-server/issues/64

## 2. Security or permission risk - Security or permission risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Developers should check this security_permissions risk before relying on the project: Proposal: Free AI Agent identity verification for Firecrawl MCP
- User impact: Developers may expose sensitive permissions or credentials: Proposal: Free AI Agent identity verification for Firecrawl MCP
- Evidence: failure_mode_cluster:github_issue | https://github.com/firecrawl/firecrawl-mcp-server/issues/243

## 3. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Project is on 3.20.2 (2026-06-01) but has no tags or releases since 3.2.0 (2025-09-26)
- User impact: Developers may fail before the first successful local run: Project is on 3.20.2 (2026-06-01) but has no tags or releases since 3.2.0 (2025-09-26)
- Evidence: failure_mode_cluster:github_issue | https://github.com/firecrawl/firecrawl-mcp-server/issues/255

## 4. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: stdio: every tool call returns "Unauthorized" in 3.18.0+ with FIRECRAWL_API_KEY (regression from 3.17.0)
- User impact: Developers may fail before the first successful local run: stdio: every tool call returns "Unauthorized" in 3.18.0+ with FIRECRAWL_API_KEY (regression from 3.17.0)
- Evidence: failure_mode_cluster:github_issue | https://github.com/firecrawl/firecrawl-mcp-server/issues/246

## 5. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: v1.12.0
- User impact: Upgrade or migration may change expected behavior: v1.12.0
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v1.12.0

## 6. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/firecrawl/firecrawl-mcp-server/issues/271

## 7. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: v1.2.3: Optimize Batch Processing
- User impact: Upgrade or migration may change expected behavior: v1.2.3: Optimize Batch Processing
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v1.2.3

## 8. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: v1.2.4: Configurable Settings & Enhanced Documentation
- User impact: Upgrade or migration may change expected behavior: v1.2.4: Configurable Settings & Enhanced Documentation
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v1.2.4

## 9. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a configuration risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/firecrawl/firecrawl-mcp-server/issues/279

## 10. Capability evidence risk - Capability evidence risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: README/documentation is current enough for a first validation pass.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.assumptions | https://www.npmjs.com/package/firecrawl-mcp

## 11. Runtime risk - Runtime risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a runtime risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: packet_text.keyword_scan | https://www.npmjs.com/package/firecrawl-mcp

## 12. Maintenance risk - Maintenance risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a maintenance risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://www.npmjs.com/package/firecrawl-mcp

## 13. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: downstream_validation.risk_items | https://www.npmjs.com/package/firecrawl-mcp

## 14. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: risks.scoring_risks | https://www.npmjs.com/package/firecrawl-mcp

## 15. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/firecrawl/firecrawl-mcp-server/issues/243

## 16. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/firecrawl/firecrawl-mcp-server/issues/274

## 17. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/firecrawl/firecrawl-mcp-server/issues/246

## 18. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this capability risk before relying on the project: Provided docker container cannot be connected to, because MCP server only listens to ipv6 ::1 while NGINX proxies traffic to ipv4 loopback
- User impact: Developers may hit a documented source-backed failure mode: Provided docker container cannot be connected to, because MCP server only listens to ipv6 ::1 while NGINX proxies traffic to ipv4 loopback
- Evidence: failure_mode_cluster:github_issue | https://github.com/firecrawl/firecrawl-mcp-server/issues/251

## 19. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this capability risk before relying on the project: Your project is now listed on CodeGuilds
- User impact: Developers may hit a documented source-backed failure mode: Your project is now listed on CodeGuilds
- Evidence: failure_mode_cluster:github_issue | https://github.com/firecrawl/firecrawl-mcp-server/issues/254

## 20. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this conceptual risk before relying on the project: Using n8n to connect to firecrawl-mcp-server throws a 404 error
- User impact: Developers may hit a documented source-backed failure mode: Using n8n to connect to firecrawl-mcp-server throws a 404 error
- Evidence: failure_mode_cluster:github_issue | https://github.com/firecrawl/firecrawl-mcp-server/issues/64

## 21. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: issue_or_pr_quality=unknown。
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://www.npmjs.com/package/firecrawl-mcp

## 22. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: release_recency=unknown。
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://www.npmjs.com/package/firecrawl-mcp

## 23. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: Added Deep Research (Alpha)
- User impact: Upgrade or migration may change expected behavior: Added Deep Research (Alpha)
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v1.4.1

## 24. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: Added llms.txt generator
- User impact: Upgrade or migration may change expected behavior: Added llms.txt generator
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v1.7.2

## 25. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: Official Release - v1.3.3
- User impact: Upgrade or migration may change expected behavior: Official Release - v1.3.3
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v.1.3.3

## 26. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: v2.0.0
- User impact: Upgrade or migration may change expected behavior: v2.0.0
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v2.0.0

## 27. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: v3.0.0
- User impact: Upgrade or migration may change expected behavior: v3.0.0
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v3.0.0

## 28. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: v3.2.0
- User impact: Upgrade or migration may change expected behavior: v3.2.0
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v3.2.0

## 29. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: v3.2.1
- User impact: Upgrade or migration may change expected behavior: v3.2.1
- Evidence: failure_mode_cluster:github_release | https://github.com/firecrawl/firecrawl-mcp-server/releases/tag/v3.2.1