ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified

firestore

Manage Google Cloud Firestore databases using the Firestore REST API via curl commands. Authenticate using gcloud CLI tokens to perform CRUD operations on documents and collections.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/felipe0liveira/firestore
Or

Firestore

Manage Google Cloud Firestore databases via REST API

This skill is built on top of the official Firebase Firestore REST API reference documentation: https://firebase.google.com/docs/firestore/reference/rest

It enables you to interact with Google Cloud Firestore using the Firestore REST API through curl commands. It uses gcloud auth print-access-token to obtain authentication tokens, allowing you to perform Create, Read, Update, and Delete (CRUD) operations on Firestore documents and collections.

For related documentation:

  • Installation and setup: installation.md
  • Few-shot prompts and command examples: examples.md
  • Error handling and diagnostics: troubleshooting.md

Requirements

This skill requires curl and gcloud CLI.

For full installation and setup instructions, see installation.md.

Credentials & Environment

This skill uses OAuth 2.0 access tokens generated by gcloud auth print-access-token. The token is valid for a limited time (typically 1 hour) and inherits the permissions of the authenticated Google Cloud account.

This skill must run only with a dedicated service account context. Do not use personal user credentials or broad admin identities.

Before any operation, generate a fresh access token:

ACCESS_TOKEN=$(gcloud auth print-access-token)

Before any operation, verify the active identity is a service account:

gcloud config list --format='text(core.account,core.project)'

If the active account is not a service account (for example, it does not end with gserviceaccount.com), stop and ask the user to switch credentials before proceeding.

Security Recommendations:

  • Use a dedicated, least-privilege service account for automation tasks. Never use your personal or admin account.
  • Test in a sandbox or development project before running commands against production.
  • Verify your active project with gcloud config list before executing commands.
  • Tokens expire after approximately 1 hour — regenerate if you encounter 401 Unauthorized errors.
  • The token inherits ALL permissions of the authenticated account, including read access to sensitive data.
  • Revoke tokens immediately if you suspect unauthorized access: gcloud auth revoke
  • Audit activity regularly by reviewing Cloud Audit Logs for the project.

Security Considerations

Important: This skill can access Firestore data with the same permissions as the authenticated Google Cloud account. For safety, this skill requires explicit user approval before executing any operation, including read-only operations.

Read Full Documentation on GitHub

Metadata

Author@felipe0liveira
Stars2387
Views0
Updated2026-03-09
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-felipe0liveira-firestore": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Safety NoteClawKit audits metadata but not runtime behavior. Use with caution.

Related Skills

gcloud

Manage Google Cloud Platform resources using the official gcloud CLI, discovering command syntax dynamically with `gcloud <group> --help` before execution.

felipe0liveira 2387