firebase-auth
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill focuses on providing implementation templates for Firebase Authentication using official and trusted SDKs. All code examples follow security best practices, including the use of environment variables for sensitive configuration.
- [SAFE]: Implements robust server-side verification using the Firebase Admin SDK, ensuring that authentication tokens are validated on the backend before granting access to protected resources.
- [SAFE]: Includes specific instructions to prevent security vulnerabilities like email enumeration by recommending generic error messages for authentication failures.
- [SAFE]: The session management implementation correctly utilizes secure cookie attributes such as httpOnly, secure, and sameSite to protect against XSS and CSRF attacks.
Audit Metadata