firebase-apk-scanner

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill extracts API keys/tokens from APKs and instructs the agent to include them verbatim in reports and curl/HTTP requests (e.g., API_KEY, PROJECT_ID, saved tokens), which requires the LLM to handle and output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). This is a high-risk dual-use security tool: it contains explicit, actionable instructions and commands for unauthenticated reads/writes, credential/API-key extraction, data exfiltration, and uploading/manipulating Firebase resources which could be used to steal data or compromise projects if used without authorization, although it does not contain obfuscated payloads, remote shells, or hidden exec/backdoor code.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill extracts PROJECT_ID/API_KEY from supplied APKs and then issues live requests to public Firebase endpoints (e.g., https://PROJECT_ID.firebaseio.com/.json, firestore.googleapis.com, firebasestorage.googleapis.com, cloudfunctions.net, and the Remote Config API) and ingests those public/untrusted responses as part of its scan and reporting, which exposes the agent to arbitrary third‑party content.