Zum Hauptinhalt springen
Dieser Inhalt ist noch nicht in Ihrer Sprache verfügbar und wird auf Englisch angezeigt.

Firebase Security Rules Auditor

Skill Verifiziert Aktiv
Teil von:Firebase

A skill to evaluate how secure Firestore security rules are. Use this when Firestore security rules are updated to ensure that the generated rules are extremely secure and robust.

Zweck

To provide a rigorous and automated evaluation of Firestore security rules, ensuring they are secure, robust, and correctly implemented against potential vulnerabilities.

Funktionen

  • Audits Firestore security rules for security and robustness.
  • Employs specific 'Red Team Edition' criteria for thorough vulnerability assessment.
  • Checks for common bypasses, authority source issues, business logic conflicts, and type safety.
  • Outputs a JSON-formatted assessment with a score, summary, and detailed findings.

Anwendungsfälle

  • When updating Firestore security rules to ensure new rules are secure.
  • Auditing existing Firestore security rules to identify potential vulnerabilities.
  • Validating that security rules correctly support application business logic.

Nicht-Ziele

  • Modifying Firestore security rules.
  • Deploying or managing Firebase projects.
  • Auditing other Firebase services like Authentication or Realtime Database.

Trust

  • info:Issues AttentionIn the last 90 days, 3 issues were opened and 6 were closed, indicating maintainer engagement, though closure rate is lower than ideal.

Practical Utility

  • info:Usage examplesWhile the skill defines a clear process and output format, concrete examples of input rules and their corresponding JSON output are not provided.

Installation

Zuerst Marketplace hinzufügen

/plugin marketplace add firebase/agent-skills
/plugin install agent-skills@firebase

Qualitätspunktzahl

Verifiziert
95 /100
Analysiert about 20 hours ago

Vertrauenssignale

Letzter Commit2 days ago
GitHub-Inhaber firebase (opens in new tab)
Sterne280
LizenzApache-2.0
Status
Quellcode ansehen

Ähnliche Erweiterungen

Soul Guardian

100

Drift detection + baseline integrity guard for agent workspace files with automatic alerting support

Skill
prompt-security

Audit Dependency Versions

100

Audit project dependencies for version staleness, security vulnerabilities, and compatibility issues. Covers lock file analysis, upgrade path planning, and breaking change assessment. Use before a release to ensure dependencies are current and secure, during periodic maintenance reviews, after receiving a security advisory, when upgrading to a new language version, before submitting to CRAN or npm, or when inheriting a project to assess its dependency health.

Skill
pjt222

Codex Diff Develop

100

Revisa el diff de la rama actual frente a develop en proyectos Drupal 11 siguiendo la metodología Codex (lógica de negocio, edge cases de hooks/queries, seguridad, performance, completitud). Genera un informe .md en la carpeta del IDE detectado (.antigravity/, .cursor/, .vscode/ o docs/) con hallazgos por severidad y soluciones accionables. Usar cuando el usuario pida "Revisión diff develop", "revisión diff develop", "diff develop", "revisar diff", "codex diff" o expresiones similares con intención de auditar cambios contra develop. Triggers: diff develop, codex diff, revisión diff, lint diff develop, auditar diff.

Skill
j4rk0r

Firebase Firestore

100

Sets up, manages, and executes queries against Cloud Firestore database instances. You MUST unconditionally activate this skill if you plan to use Firestore in any way. Use when listing or creating Firestore databases, configuring security rules, designing data models, writing client SDK queries, or checking indexes.

Skill
firebase

Investigate Capa Root Cause

100

Investigate root causes and manage CAPAs (Corrective and Preventive Actions) for compliance deviations. Covers investigation method selection (5-Why, fishbone, fault tree), structured root cause analysis, corrective vs preventive action design, effectiveness verification, and trend analysis. Use when an audit finding requires a CAPA, when a deviation or incident occurs in a validated system, when a regulatory observation needs a formal response, when a data integrity anomaly requires investigation, or when recurring issues suggest a systemic root cause.

Skill
pjt222

Toprank Weekly Review

100

Run a weekly SEO review for one registered website, write audit artifacts, and choose the next best safe action.

Skill
nowork-studio