← Back to search

io.github.firebase/firebase-mcp

firebase MIT 4,417 stars Scanned 55d ago

Gives AI development tools Firebase-specific capabilities and expertise.

? Not scanned yet

Versions

0.3.0 latest
May 19, 2026
15.18.0
May 13, 2026
15.17.0
May 7, 2026
15.16.0
Apr 29, 2026
15.15.0
Apr 16, 2026
+ show 96 more show less
15.14.0
Apr 9, 2026
15.13.0
Apr 2, 2026
15.12.0
Mar 27, 2026
15.11.0
Mar 18, 2026
15.10.1
Mar 16, 2026
15.10.0
Mar 12, 2026
15.9.1
Mar 9, 2026
15.9.0
Mar 9, 2026
15.8.0
Feb 25, 2026
15.7.0
Feb 20, 2026
15.6.0
Feb 12, 2026
15.5.1
Jan 30, 2026
15.5.0
Jan 29, 2026
15.4.0
Jan 22, 2026
15.3.1
Jan 15, 2026
15.3.0
Jan 15, 2026
15.2.1
Jan 8, 2026
15.2.0
Jan 8, 2026
15.1.0
Dec 18, 2025
15.0.0
Dec 10, 2025
14.27.0
Dec 4, 2025
14.26.0
Nov 21, 2025
14.25.1
Nov 19, 2025
14.25.0
Nov 13, 2025
14.24.2
Nov 10, 2025
14.24.1
Nov 7, 2025
14.24.0
Nov 5, 2025
14.23.0
Oct 30, 2025
14.22.0
Oct 23, 2025
14.21.0
Oct 22, 2025
14.20.0
Oct 15, 2025
14.19.1
Oct 8, 2025
14.19.0
Oct 7, 2025
14.18.0
Oct 2, 2025
14.17.0
Sep 17, 2025
14.16.0
Sep 10, 2025
14.15.2
Sep 3, 2025
14.15.1
Aug 28, 2025
14.15.0
Aug 27, 2025
14.14.0
Aug 21, 2025
14.13.0
Aug 21, 2025
14.12.1
Aug 15, 2025
14.12.0
Aug 6, 2025
14.11.2
Jul 30, 2025
14.11.1
Jul 22, 2025
14.11.0
Jul 17, 2025
14.10.1
Jul 10, 2025
14.10.0
Jul 10, 2025
14.9.0
Jun 26, 2025
14.8.0
Jun 20, 2025
14.7.0
Jun 12, 2025
14.6.0
Jun 4, 2025
14.5.1
May 30, 2025
14.5.0
May 29, 2025
14.4.0
May 16, 2025
14.3.1
May 9, 2025
14.3.0
May 7, 2025
14.2.2
Apr 30, 2025
14.2.1
Apr 23, 2025
14.2.0
Apr 16, 2025
14.1.0
Apr 2, 2025
14.0.1
Mar 28, 2025
14.0.0
Mar 27, 2025
13.35.1
Mar 21, 2025
13.35.0
Mar 20, 2025
13.34.0
Mar 11, 2025
13.33.0
Mar 6, 2025
13.32.0
Feb 27, 2025
13.31.2
Feb 19, 2025
13.31.1
Feb 13, 2025
13.31.0
Feb 12, 2025
13.30.0
Feb 4, 2025
13.29.3
Jan 30, 2025
13.29.2
Jan 22, 2025
13.29.1
Dec 13, 2024
13.29.0
Dec 12, 2024
13.28.0
Dec 4, 2024
13.27.0
Nov 21, 2024
13.26.0
Nov 19, 2024
13.25.0
Nov 12, 2024
13.24.2
Nov 7, 2024
13.24.1
Nov 5, 2024
13.24.0
Nov 4, 2024
13.23.1
Oct 30, 2024
13.23.0
Oct 22, 2024
13.22.1
Oct 16, 2024
13.22.0
Oct 8, 2024
13.21.0
Oct 8, 2024
13.20.2
Sep 30, 2024
13.20.1
Sep 27, 2024
13.20.0
Sep 26, 2024
13.19.0
Sep 23, 2024
13.18.0
Sep 19, 2024
13.17.0
Sep 11, 2024
13.16.0
Aug 27, 2024
13.15.4
Aug 21, 2024

Tools 0

No tools indexed yet.

Permissions 4

network medium
network
filesystem low
filesystem
shell high
shell
env_vars low
env_vars

Scan Findings 139

info
package.json metadata manifest_parser · 100%
info
Transport: streamable-http manifest_parser · 80%
info
Required env vars (112) manifest_parser · 80%
medium
Permission: network access detected permission_analyzer · 90%
low
Permission: filesystem access detected permission_analyzer · 90%
high
Permission: shell access detected permission_analyzer · 95%
low
Permission: env_vars access detected permission_analyzer · 90%
medium
Excessive dependency count: 159 direct dependencies dependency_analyzer · 90%
medium
Suspicious package name: react-dom dependency_analyzer · 60%
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.24.0 (GHSA-345p-7cg4-v4c7) dependency_analyzer · 95%
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.24.0 (GHSA-8r9q-7v3j-jr4g) dependency_analyzer · 95%
medium
Vulnerable dependency: ajv@8.17.1 (GHSA-2g4f-4pwh-qvx6) dependency_analyzer · 95%
medium
Vulnerable dependency: body-parser@1.19.0 (GHSA-qwcr-r2fm-qrc7) dependency_analyzer · 95%
medium
Vulnerable dependency: express@4.16.4 (GHSA-qw6h-vgh9-j6wx) dependency_analyzer · 95%
medium
Vulnerable dependency: express@4.16.4 (GHSA-rv95-896h-c2vc) dependency_analyzer · 95%
medium
Vulnerable dependency: form-data@4.0.1 (GHSA-fjxv-7rqg-78g4) dependency_analyzer · 95%
medium
Vulnerable dependency: minimatch@3.0.4 (GHSA-23c5-xmqv-rm74) dependency_analyzer · 95%
medium
Vulnerable dependency: minimatch@3.0.4 (GHSA-3ppc-4f35-3m26) dependency_analyzer · 95%
medium
Vulnerable dependency: minimatch@3.0.4 (GHSA-7r86-cg39-jmmj) dependency_analyzer · 95%
medium
Vulnerable dependency: minimatch@3.0.4 (GHSA-f8q6-p94x-37v3) dependency_analyzer · 95%
medium
Vulnerable dependency: pglite-2@npm:@electric-sql/pglite@0.2.17 (MAL-2025-42056) dependency_analyzer · 95%
medium
Vulnerable dependency: tmp@0.2.3 (GHSA-52f5-9888-hmc6) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-49w6-73cw-chjr) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-5ff5-9fcw-vg88) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-c4pw-33h3-35xw) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-fvmw-cj7j-j39q) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-ggxq-hp9w-j794) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-j687-52p2-xcff) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-whqg-ppgf-wp8c) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-wrwg-2hg8-v723) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-x3h8-62x9-952g) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-xf8x-j4p2-f749) dependency_analyzer · 95%
medium
Vulnerable dependency: astro@2.2.3 (GHSA-xr5h-phrj-8vxv) dependency_analyzer · 95%
medium
Vulnerable dependency: firebase@9.16.0 (GHSA-3wf4-68gx-mph8) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-36qx-fr4f-26g5) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-3g8h-86w9-wvmq) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-3h52-269p-cp9r) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-3x4c-7xq6-9pq8) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-4342-x723-ch2f) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-5j59-xgg2-r9c4) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-7gfc-8cq8-jh5f) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-7m27-7ghc-44w9) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-8h8q-6873-q5fj) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-9g9p-9gw9-jx7f) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-c4j6-fc7j-m34r) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-f82v-jwr5-mffw) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-ffhc-5mcf-pf4q) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-fr5h-rqp8-mj6g) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-g5qg-72qw-gw5v) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-g77x-44xx-532m) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-ggv3-7p47-pfv8) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-gp8f-8m3g-qvj9) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-gx5p-jg67-6x7h) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-h25m-26qc-wcjf) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-h64f-5h5j-jqjh) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-mwv6-3258-q52c) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-q4gf-8mx6-v5v3) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-qpjv-v59x-3qc4) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-vfv6-92ff-j949) dependency_analyzer · 95%
medium
Vulnerable dependency: next@14.1.0 (GHSA-xv57-4mr9-wg8v) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-353f-5xf4-qw67) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-356w-63v5-8wf4) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-4r4m-qw57-chr8) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-4w7w-66w2-5vf9) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-64vr-g452-qvp3) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-859w-5945-r5v3) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-8jhw-289h-jh2g) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-93m4-6634-74q7) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-9cwx-2883-4wfx) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-c24v-8rfc-w8vw) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-g4jq-h2w9-997c) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-jqfw-vq24-v9c3) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-vg6x-rcgg-rjx6) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-x574-m823-4x7w) dependency_analyzer · 95%
medium
Vulnerable dependency: vite@4.2.1 (GHSA-xcj6-pq6g-qj4x) dependency_analyzer · 95%
medium
Vulnerable dependency: shelljs@0.8.3 (GHSA-4rq4-32rv-6wp6) dependency_analyzer · 95%
medium
Vulnerable dependency: shelljs@0.8.3 (GHSA-64g7-mvw6-v9qj) dependency_analyzer · 95%
medium
Vulnerable dependency: js-yaml@4.1.0 (GHSA-mh29-5h37-fv8m) dependency_analyzer · 95%
medium
Vulnerable dependency: webpack@5.75.0 (GHSA-38r7-794h-5758) dependency_analyzer · 95%
medium
Vulnerable dependency: webpack@5.75.0 (GHSA-4vvj-4cpr-p986) dependency_analyzer · 95%
medium
Vulnerable dependency: webpack@5.75.0 (GHSA-8fgc-7cc6-rx7x) dependency_analyzer · 95%
medium
Vulnerable dependency: webpack@5.75.0 (GHSA-hc6q-2mpp-qw7j) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-26hh-7cqf-hhc6) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-492v-c6pp-mqqv) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-8h8q-6873-q5fj) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-ffhc-5mcf-pf4q) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-h64f-5h5j-jqjh) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-wfc6-r584-vfw7) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/common@17.0.5 (GHSA-58c5-g7wp-6w37) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/compiler@17.0.5 (GHSA-g93w-mfhg-p222) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/compiler@17.0.5 (GHSA-jrmj-c5cx-3cw6) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/compiler@17.0.5 (GHSA-v4hv-rgfq-gp49) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/core@17.0.5 (GHSA-g93w-mfhg-p222) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/core@17.0.5 (GHSA-jrmj-c5cx-3cw6) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/core@17.0.5 (GHSA-prjf-86w9-mfqv) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/platform-server@17.0.5 (GHSA-45q2-gjvg-7973) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/platform-server@17.0.5 (GHSA-68x2-mx4q-78m7) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/platform-server@17.0.5 (GHSA-rfh7-fxqc-q52v) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/ssr@17.0.5 (GHSA-68x2-mx4q-78m7) dependency_analyzer · 95%
medium
Vulnerable dependency: @angular/ssr@17.0.5 (GHSA-x288-3778-4hhx) dependency_analyzer · 95%
medium
Vulnerable dependency: express@4.15.2 (GHSA-qw6h-vgh9-j6wx) dependency_analyzer · 95%
medium
Vulnerable dependency: express@4.15.2 (GHSA-rv95-896h-c2vc) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-267c-6grr-h53f) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-36qx-fr4f-26g5) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-3g8h-86w9-wvmq) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-c4j6-fc7j-m34r) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-gx5p-jg67-6x7h) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-mg66-mrh9-m8jx) dependency_analyzer · 95%
medium
Vulnerable dependency: next@16.2.4 (GHSA-vfv6-92ff-j949) dependency_analyzer · 95%
medium
Vulnerable dependency: firebase@9.9.0 (GHSA-3wf4-68gx-mph8) dependency_analyzer · 95%
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.11.5 (GHSA-345p-7cg4-v4c7) dependency_analyzer · 95%
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.11.5 (GHSA-8r9q-7v3j-jr4g) dependency_analyzer · 95%
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.11.5 (GHSA-w48q-cv73-mx4w) dependency_analyzer · 95%
high
Generic API Key Assignment found in scripts/agent-evals/templates/crashlytics-flutter/lib/firebase_options.dart secret_scanner · 75%
high
Generic API Key Assignment found in scripts/agent-evals/src/data/index.ts secret_scanner · 75%
high
Hardcoded Password found in src/emulator/auth/state.ts secret_scanner · 65%
medium
High-entropy string (5.95 bits/char) in firebase-vscode/src/webview.ts:64 entropy_analyzer · 54%
medium
High-entropy string (5.87 bits/char) in scripts/emulator-tests/functionsEmulator.spec.ts:485 entropy_analyzer · 53%
medium
High-entropy string (5.86 bits/char) in scripts/emulator-tests/functionsEmulator.spec.ts:533 entropy_analyzer · 52%
medium
Buffer.from base64 in src/accountImporter.ts:36 entropy_analyzer · 75%
medium
Buffer.from base64 in src/init/features/ailogic/index.ts:134 entropy_analyzer · 75%
medium
Buffer.from base64 in src/init/features/hosting/github.ts:657 entropy_analyzer · 75%
medium
Buffer.from base64 in src/init/features/hosting/github.ts:681 entropy_analyzer · 75%
medium
Hex string literal (>50 chars) in src/deploy/hosting/uploader.spec.ts:112 entropy_analyzer · 70%
medium
Hex string literal (>50 chars) in src/deploy/hosting/uploader.spec.ts:113 entropy_analyzer · 70%
medium
Buffer.from base64 in src/management/apps.ts:574 entropy_analyzer · 75%
medium
Buffer.from base64 in src/mcp/tools/core/get_sdk_config.ts:53 entropy_analyzer · 75%
medium
Buffer.from base64 in src/gcp/secretManager.ts:224 entropy_analyzer · 75%
medium
Buffer.from base64 in src/emulator/tasksEmulator.ts:272 entropy_analyzer · 75%
medium
Buffer.from base64 in src/emulator/auth/state.ts:942 entropy_analyzer · 75%
medium
Buffer.from base64 in src/emulator/auth/operations.ts:2991 entropy_analyzer · 75%
info
SLSA Build Level 1 detected slsa_assessor · 85%
high
High-risk OAuth scope: https://www.googleapis.com/auth/cloud-platform oauth_scope_analyzer · 80%
info
Could not connect to MCP server for output poisoning scan output_poisoning · 100%
info
Could not connect to MCP server for behavioral verification behavioral_verifier · 100%
info
SBOM generated: 3132 components sbom_generator · 100%
info
MITRE ATLAS technique coverage summary atlas_annotator · 100%
info
ATLAS: Adversarial ML Supply Chain (AML.T0043) atlas_annotator · 100%
info
ATLAS: Poison Training Data (AML.T0020) atlas_annotator · 100%