firebase-ai-logic
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions include installing official tools and libraries from well-known sources, specifically 'firebase-tools', 'firebase', and '@anthropic-ai/sdk' via npm.
- [COMMAND_EXECUTION]: Provides standard commands for project initialization and configuration using the Firebase CLI.
- [PROMPT_INJECTION]: As a template for building AI-powered features, the skill naturally involves passing user-provided strings and image data to generative models. While this creates an indirect prompt injection surface, the skill provides appropriate guidance on constraints and input validation.
- Ingestion points: The
generateContent(prompt)andanalyzeImage(imageUrl, prompt)functions inSKILL.mdaccept external data. - Boundary markers: Not explicitly defined in the provided code snippets.
- Capability inventory: Performs network requests to fetch images and interacts with AI generation APIs.
- Sanitization: The instructions explicitly include a constraint to 'Validate user input', although specific implementation details are left to the developer.
Audit Metadata