firebase-ai-logic
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of standard tools like 'firebase-tools' and official SDKs from Google and Anthropic.\n- [CREDENTIALS_UNSAFE]: Employs best practices by using placeholders for API keys and advising users to store credentials in environment variables rather than hardcoding.\n- [PROMPT_INJECTION]: The skill exposes an interface for user prompts in 'SKILL.md' (e.g., within the 'generateContent' function). This inherent surface for indirect injection is addressed by explicit constraints requiring user input validation.
Audit Metadata