The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses standard npx -y firebase-tools@latest commands for project initialization and listing. These are standard developer tools for the Firebase platform and are used appropriately for setup.
[EXTERNAL_DOWNLOADS]: The skill installs the official firebase and firebase-tools packages from the standard NPM registry. These are well-known services and the packages are official tools from the vendor (Firebase/Google).
[CREDENTIALS_UNSAFE]: No hardcoded credentials were found. The skill correctly advises the use of Firebase Remote Config for dynamic configuration and includes placeholders for Firebase configuration objects (firebaseConfig), which is a safe practice.
[PROMPT_INJECTION]: No prompt injection patterns, safety bypasses, or system prompt extraction attempts were detected. The instructions are focused on guiding the developer through legitimate SDK implementation.
[DATA_EXFILTRATION]: No evidence of data exfiltration or unauthorized network operations was found. The network calls are directed towards official Firebase/Google API endpoints for Gemini model inference.

firebase-ai-logic-basics