firebase-firestore

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches and executes the official Firebase CLI (firebase-tools) via npx to perform database management and deployment tasks.
  • [COMMAND_EXECUTION]: Executes various shell commands to list, create, and configure Firestore instances, as well as deploy security rules and indexes.
  • [INDIRECT_PROMPT_INJECTION]: The instructions for generating security rules require the agent to perform a full scan of the project codebase to identify data models and queries. This ingestion of untrusted local data represents a surface where malicious content within the codebase could attempt to influence the agent's logic or the generated security rules.
      • Ingestion points: Codebase analysis workflow defined in references/standard/security_rules.md and references/enterprise/security_rules.md.
      • Boundary markers: Not defined; the agent is instructed to scan the entire codebase.
      • Capability inventory: Full database management and deployment capabilities via the firebase-tools CLI.
      • Sanitization: No specific sanitization or filtering of codebase content is mentioned before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 04:19 PM