firebase-cli
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill references and uses the official standalone installation script via `curl -sL https://firebase.tools | bash` in `SKILL.md` and `scripts/install.sh`. This targets a well-known service domain managed by Google.
- [EXTERNAL_DOWNLOADS]: The skill installs the `firebase-tools` package from the official npm registry. It also provides scripts to download configuration and binaries from Google's Firebase servers.
- [COMMAND_EXECUTION]: The helper scripts `scripts/deploy.sh` and `scripts/emulators.sh` use the `eval` command to execute Firebase CLI operations based on provided flags and project configuration. This is used for legitimate command assembly within the local environment.
- [PROMPT_INJECTION]: The skill demonstrates an indirect injection surface as it ingests untrusted project data (e.g., `firebase.json`, `users.json`, and `data.json` in `SKILL.md` and `scripts/deploy.sh`). There are no boundary markers or explicit sanitization steps for these files. The skill possesses extensive capabilities, including subprocess execution and network operations through the Firebase CLI.
Audit Metadata