Firebase
ReviewAudited by ClawScan on May 1, 2026.
Overview
This Firebase helper appears coherent and disclosed, but it requires connecting your Firebase account through Maton and can make Firebase project/app changes when approved.
Install only if you intend to manage Firebase through Maton. Connect the correct Firebase account, include the Maton-Connection header when multiple accounts exist, and require explicit confirmation before any create, update, or delete operation.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent using this key may be able to access the Firebase resources available through the connected Maton account.
The skill requires a bearer API key that authorizes access through Maton's Firebase integration.
All requests require the Maton API key in the Authorization header: Authorization: Bearer $MATON_API_KEY
Use a dedicated Maton key if possible, connect only the intended Firebase account, and revoke or rotate the key if it is no longer needed.
Approved write actions could change Firebase project settings, add Firebase to projects, or modify application resources.
Full CRUD management is purpose-aligned for a Firebase management skill, but it includes high-impact create, update, and delete authority over cloud resources.
Manage Firebase projects and apps (Web, Android, iOS) with full CRUD operations.
Before any create, update, or delete action, verify the target project/app, the exact effect, and whether the action is reversible.
Firebase request and response data may pass through Maton's proxy as part of the managed OAuth workflow.
Firebase API traffic and OAuth handling are routed through the Maton service rather than directly from the user's environment to Firebase.
Maton proxies requests to `firebase.googleapis.com` and automatically injects your OAuth token.
Use this only if you trust Maton with the connected Firebase account and the data returned by Firebase APIs.