What this agent helps you do
A Firebase security rules review agent helps teams inspect data access logic before release. It can summarize rule intent, identify risky patterns, and prepare tests or owner questions for human review.
When to use this workflow
Use it before changing Firestore or Storage rules, launching new user roles, investigating access bugs, or preparing a security-sensitive release.
How Firebase gives the agent context
Connect Firebase and define the project, rule set, data model, and user scenarios. Ask the agent to keep changes approval-ready and to distinguish what it can verify from what requires tests.
Example starter prompt
Review Firebase security rules for this release. Summarize intended access, risky assumptions, test scenarios, missing context, and recommended approval-ready changes.
Suggested workflow steps
The agent gathers rule context, maps rules to user scenarios, identifies high-risk access paths, and prepares validation cases. Pair with GitHub for rule diffs or app code.
Expected handoff
The handoff should include a risk summary, scenario table, test checklist, and approval-required recommendations for the release owner.