Prompt became app, app became backend, backend became risk
Google AI Studio and Firebase Studio are pushing app creation into a more direct flow: describe, generate, test, connect data and publish. That reduces friction for product validation. For security, it creates a familiar trap: the app looks ready before access rules are ready.
When the product uses Auth, Firestore, Storage, Functions, Workspace integrations or mobile apps, the review cannot stop at the UI.
Where it breaks
- Firestore Rules allow any authenticated user to read without ownership checks.
- Storage exposes private files through broad rules or predictable URLs.
- Frontend API keys are treated as secrets, even though a Firebase web API key only identifies the project and enforces no access control.
- Functions accept admin actions without server-side role validation.
- Workspace or Drive scopes are broader than needed.
- Android apps keep sensitive tokens, cache or logs after logout.
- Public deploys happen before preview, staging and production are separated.
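The first, fourth and "list files" failures above come down to the rules file. The following is an added example, not code from the page or from Google: a Firestore rules file showing the broad rule a generated app typically ships with, beside a version that checks ownership and takes the admin role from a server-set custom claim. It assumes a `documents` collection whose docs carry an `ownerUid` field and an `admin` custom claim set by a trusted backend; both names are constructed for this example.

```firestore
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    function signedIn() {
      return request.auth != null;
    }
    // Ownership is read from the stored document, not from the request body.
    function isOwner() {
      return signedIn() && resource.data.ownerUid == request.auth.uid;
    }
    // Role comes from a custom claim minted server-side (Admin SDK),
    // never from a client-writable field such as users/{uid}.role.
    function isAdmin() {
      return signedIn() && request.auth.token.admin == true;
    }

    // BROKEN (typical generated output): every signed-in user can read
    // and write every document in the collection.
    // match /documents/{docId} {
    //   allow read, write: if request.auth != null;
    // }

    // FIXED: ownership on read/update/delete, ownerUid pinned on create,
    // ownerUid immutable on update.
    match /documents/{docId} {
      allow read: if isOwner() || isAdmin();
      allow create: if signedIn()
                    && request.resource.data.ownerUid == request.auth.uid;
      allow update: if isOwner()
                    && request.resource.data.ownerUid == resource.data.ownerUid;
      allow delete: if isOwner() || isAdmin();
    }
    // Rules are not filters: a client list query on /documents is only
    // allowed if the query itself constrains ownerUid to request.auth.uid;
    // an unfiltered collection read is rejected outright.
  }
}
```

Deploy this with `firebase deploy --only firestore:rules` and exercise it with a second test account: the signup, upload and admin steps in the flow below should fail for the non-owner before the app is shown to a customer.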
Before traffic
Run the Promptbook against the real flow: signup, login, paid plan, upload, export, admin and AI feature. If any result shows cross-access, broad rules or sensitive logs, move to Risk Review before inviting a B2B customer.
The point is not to block creation. It is to make product boundaries part of app building rather than an afterthought.
Decision questions
- Who owns each document?
- Does the server validate role or trust the UI?
- Can a user list files they should not see?
- Does mobile persist sensitive data after logout?
- Is there a path to revoke access and delete data?
- Does deploy have rollback?
Fast app generation is leverage. Publishing with broad rules turns leverage into customer risk.