firebase-vertex-ai

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requests broad shell access via Bash(cmd:*) to perform Firebase CLI operations, project initialization, and deployments. The script scripts/init-firebase.sh automates project setup and global package installation.
  • [EXTERNAL_DOWNLOADS]: The initialization script scripts/init-firebase.sh and documentation in references/SKILL.full.md facilitate the installation of the firebase-tools package from the npm registry. This is a trusted dependency for the intended purpose.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface in the backend integration examples provided for RAG and content analysis.
      • Ingestion points: Untrusted data enters via data.content in functions/src/vertex/analyze-content.ts and data.query and contextText in functions/src/vertex/rag-query.ts.
      • Boundary markers: Absent; the code examples interpolate variables directly into string templates without delimiters (e.g., XML tags or triple quotes) or instructions to ignore embedded instructions.
      • Capability inventory: The skill possesses Bash(cmd:*), Write, and Edit capabilities as defined in SKILL.md.
      • Sanitization: Absent; the examples parse LLM output or return text results without input validation or escaping of external content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 10:20 PM