firebase-apk-scanner
About
This skill scans Android APK files to identify Firebase security vulnerabilities like open databases, storage buckets, and authentication issues. It's designed for mobile app security audits and testing Firebase endpoint security during authorized research. The tool extracts and analyzes configurations using shell commands, providing a focused report for developers assessing their Firebase implementation risks.
Quick Install
Claude Code
Recommendednpx skills add trailofbits/skills -a claude-code/plugin add https://github.com/trailofbits/skillsgit clone https://github.com/trailofbits/skills.git ~/.claude/skills/firebase-apk-scannerCopy and paste this command in Claude Code to install this skill
GitHub Repository
Frequently asked questions
What is the firebase-apk-scanner skill?
firebase-apk-scanner is a Claude Skill by trailofbits. Skills package instructions and resources that Claude loads on demand, so Claude can perform firebase-apk-scanner-related tasks without extra prompting.
How do I install firebase-apk-scanner?
Use the install commands on this page: add firebase-apk-scanner to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does firebase-apk-scanner belong to?
firebase-apk-scanner is in the Testing category, tagged testing and data.
Is firebase-apk-scanner free to use?
Yes. firebase-apk-scanner is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
Related Skills
This Claude Skill runs the lm-evaluation-harness to benchmark LLMs across 60+ standardized academic tasks like MMLU and GSM8K. It's designed for developers to compare model quality, track training progress, or report academic results. The tool supports various backends including HuggingFace and vLLM models.
This skill provides comprehensive knowledge for implementing Cloudflare Cron Triggers to schedule Workers using cron expressions. It covers setting up periodic tasks, maintenance jobs, and automated workflows while handling common issues like invalid cron expressions and timezone problems. Developers can use it for configuring scheduled handlers, testing cron triggers, and integrating with Workflows and Green Compute.
This Claude Skill provides a Playwright-based toolkit for testing local web applications through Python scripts. It enables frontend verification, UI debugging, screenshot capture, and log viewing while managing server lifecycles. Use it for browser automation tasks but run scripts directly rather than reading their source code to avoid context pollution.
This skill helps developers complete finished work by verifying tests pass and then presenting structured integration options. It guides the workflow for merging, creating PRs, or cleaning up branches after implementation is done. Use it when your code is ready and tested to systematically finalize the development process.
