firebase-auth-setup
Configures Firebase Authentication with providers, security rules, and React hooks for secure user management in web applications.
Install this skill
or
82/100
Security score
The firebase-auth-setup skill was audited on Mar 3, 2026 and we found 6 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 272
Template literal with variable interpolation in command context
SourceSKILL.md
| 272 | headers: { Authorization: `Bearer ${token}` }, |
low line 270
Fetch to external URL
SourceSKILL.md
| 270 | fetch("/api/auth/sync", { |
medium line 17
Access to .env file
SourceSKILL.md
| 17 | 2. **Survey the existing auth setup.** Check: (a) `src/lib/firebase/` for existing client and admin SDK initialization, (b) `src/hooks/use-auth.ts` for existing auth hooks, (c) `src/middleware.ts` for |
low line 210
Access to .env file
SourceSKILL.md
| 210 | process.env.NEXT_PUBLIC_SUPABASE_URL!, |
low line 211
Access to .env file
SourceSKILL.md
| 211 | process.env.SUPABASE_SERVICE_ROLE_KEY! |
medium line 357
Access to .env file
SourceSKILL.md
| 357 | - [ ] Firebase API keys are in `.env.local` (never committed). |
Scanned on Mar 3, 2026
View Security DashboardGitHub Stars 2.2K
Rate this skill
Categorydevelopment
UpdatedApril 4, 2026
openclawbackendapibackend-developerfullstack-developerproduct-managergrowth-pmux-designerfirebasesupabasedevelopmentproductdesign
openclaw/skills