firebase-ai-logic-basics

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Firebase CLI via npx to perform project management and initialization tasks, such as listing projects and apps.
  • [PROMPT_INJECTION]: The provided code examples demonstrate patterns where untrusted user input is directly interpolated into generative model prompts, creating a surface for indirect prompt injection.
      • Ingestion points: All reference scripts (e.g., usage_patterns_web.md, flutter_setup.md) define functions that pass raw string prompts to generateContent or sendMessage methods.
      • Boundary markers: Code snippets do not implement delimiters (like """ or ---) to isolate user input from developer instructions.
      • Capability inventory: The skill facilitates the use of generative models with capabilities for multi-turn chat, search grounding, and tool execution.
      • Sanitization: There is no evidence of input validation or content filtering before data is processed by the AI service.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 08:53 AM