firebase-rules-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest user-provided requirements for Firebase rules and has access to high-privilege tools like
Bash(gcloud:*). It lacks explicit boundary markers or sanitization logic to prevent malicious instructions embedded in user input from being interpreted as commands. - Ingestion points: User requests regarding 'firebase rules generator'.
- Boundary markers: Absent in the skill definition.
- Capability inventory: Read, Write, Edit, and Bash(gcloud:*) allow for significant filesystem and cloud environment modification.
- Sanitization: No sanitization or validation of the user-provided patterns is specified in the skill markdown.
Audit Metadata