firebase-firestore-standard
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides commands to deploy Firestore rules and indexes and start local emulators using the official firebase-tools CLI.
- [EXTERNAL_DOWNLOADS]: The skill uses 'npx -y firebase-tools@latest', which downloads and executes the latest version of the official Firebase command-line utility from the NPM registry. This is a trusted tool from a well-known service.
- [PROMPT_INJECTION]: The file 'references/security_rules.md' contains extensive instructions and a security-focused workflow for the agent to follow. These are task-specific instructions aimed at ensuring secure database configuration.
- [PROMPT_INJECTION]: The skill instructs the agent to analyze the user's codebase (references/security_rules.md, Phase-1) to inform security rule generation. This exposes the agent to potential indirect prompt injection from content within the analyzed files.
  - Ingestion points: references/security_rules.md (Phase-1: Codebase Analysis).
  - Boundary markers: None provided.
  - Capability inventory: File system read (codebase scan) and file writing (firestore.rules).
  - Sanitization: Relies on the agent's reasoning and the mandatory 'Phase-3: Devil's Advocate' security validation workflow.
- [SAFE]: All referenced tools, repositories, and domains (such as firebase.google.com) are official resources provided by the vendor, Firebase.
Audit Metadata