firebase-cli
Warn
Audited by Socket on Jun 17, 2026
1 alert found:
AnomalyAnomalyscripts/install.sh
LOWAnomalyLOW
scripts/install.sh
This is primarily an installer/orchestration shell script for `firebase-tools`. No explicit malware behaviors (e.g., credential theft, persistence, exfiltration, backdoors) are evident in the snippet itself. The main supply-chain risk is the standalone installation method executing a remote script directly (`curl -sL https://firebase.tools | bash`) without visible integrity verification; npm installation also relies on registry/package trust and is not additionally pinned or checked beyond an optional version parameter. Overall: treat as a moderate-to-high install-time supply-chain hardening concern rather than confirmed malicious code.
Confidence: 100%Severity: 60%
Audit Metadata