firebase-auth
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security risks were identified. The skill's primary focus is providing secure code templates and education on Firebase security.
- [PROMPT_INJECTION] (SAFE): Documentation and correction rules contain standard instructional content without any attempts to override system prompts or bypass safety filters.
- [DATA_EXFILTRATION] (SAFE): No hardcoded secrets, sensitive file path access, or unauthorized network calls were found. The code uses standard environment variable patterns for the Firebase private key.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not perform any remote script execution or dynamic code loading. It utilizes standard, well-known libraries (firebase, firebase-admin).
- [COMMAND_EXECUTION] (SAFE): No shell command execution or subprocess spawning is present in the provided scripts.
- [DATA_EXPOSURE] (SAFE): The templates correctly implement security best practices for session management, including HttpOnly and Secure cookie flags.
Audit Metadata