firebase-platform
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions designed to override agent behavior or bypass safety filters were detected. The content is strictly educational.
- DATA_EXPOSURE (SAFE): The skill identifies security best practices, explicitly stating that secrets must not be hardcoded and should be stored in GCP Secret Manager or environment variables.
- REMOTE_CODE_EXECUTION (SAFE): No remote script downloads or piped execution patterns (e.g., curl|bash) are present.
- COMMAND_EXECUTION (SAFE): While the skill mentions the Firebase CLI command 'firebase dataconnect:sdk:generate', it does so in the context of developer workflow documentation, not as an automated malicious execution step.
Audit Metadata