Skills
skills/jingjing2222/create-rn-miniapp/firebase-functions/Gen Agent Trust Hub

firebase-functions

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run local maintenance scripts, specifically 'node ./server/scripts/check-env.mjs' and 'node ./server/scripts/check-client-links.mjs', to validate the environment and connection status.
  • [PROMPT_INJECTION]: The skill processes project-specific files like 'state.json' and 'README.md', which provides a surface for indirect prompt injection if those files contain malicious instructions. Ingestion points: 'server/.create-rn-miniapp/state.json', 'server/README.md', 'server/firebase.json', 'server/firestore.rules'. Capability inventory: Local command execution via Node.js. Boundary markers: Absent. Sanitization: Absent.
  • [DATA_EXFILTRATION]: The skill directs the agent to inspect sensitive configuration files such as '.env.local' and Firebase initialization files to verify project IDs and region settings, which is necessary for its diagnostic purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 02:50 PM