firebase-cli

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation and installation scripts reference the official Firebase standalone installer at https://firebase.tools. This is a well-known service endpoint for the Firebase platform.
  • [REMOTE_CODE_EXECUTION]: The installation process includes a command to pipe a remote shell script directly into bash (curl -sL https://firebase.tools | bash). This is the official and documented installation method for the firebase-tools binary provided by the vendor.
  • [COMMAND_EXECUTION]: The skill includes bash scripts (scripts/install.sh, scripts/deploy.sh, and scripts/emulators.sh) that execute shell commands to interact with the Firebase CLI. These scripts use the eval command to dynamically run constructed Firebase operations based on flags and arguments provided during the workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:06 AM
Security Audit — agent-trust-hub — firebase-cli