firestore

# Firestore
Manage Google Cloud Firestore databases via REST API

This skill is built on top of the official Firebase Firestore REST API reference documentation: https://firebase.google.com/docs/firestore/reference/rest

It enables you to interact with Google Cloud Firestore using the [Firestore REST API](https://firebase.google.com/docs/firestore/reference/rest) through `curl` commands. It uses `gcloud auth print-access-token` to obtain authentication tokens, allowing you to perform Create, Read, Update, and Delete (CRUD) operations on Firestore documents and collections.

For related documentation:
- Installation and setup: [installation.md](installation.md)
- Few-shot prompts and command examples: [examples.md](examples.md)
- Error handling and diagnostics: [troubleshooting.md](troubleshooting.md)

## Requirements

This skill requires `curl` and `gcloud` CLI.

For full installation and setup instructions, see [installation.md](installation.md).

## Credentials & Environment

This skill uses OAuth 2.0 access tokens generated by `gcloud auth print-access-token`. The token is valid for a limited time (typically 1 hour) and inherits the permissions of the authenticated Google Cloud account.

This skill must run only with a dedicated service account context. Do not use personal user credentials or broad admin identities.

**Before any operation, generate a fresh access token:**
```bash
ACCESS_TOKEN=$(gcloud auth print-access-token)
```

**Before any operation, verify the active identity is a service account:**
```bash
gcloud config list --format='text(core.account,core.project)'
```

If the active account is not a service account (for example, it does not end with `gserviceaccount.com`), stop and ask the user to switch credentials before proceeding.

**Security Recommendations:**
- **Use a dedicated, least-privilege service account** for automation tasks. Never use your personal or admin account.
- **Test in a sandbox or development project** before running commands a...