diff --git a/scripts/code.angularjs.org-firebase/functions/.snyk b/scripts/code.angularjs.org-firebase/functions/.snyk
new file mode 100644
index 000000000000..aa197afd17f8
--- /dev/null
+++ b/scripts/code.angularjs.org-firebase/functions/.snyk
@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.22.1
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-567746:
+    - firebase-admin > @google-cloud/firestore > @google-cloud/common-grpc > @google-cloud/common > split-array-stream > async > lodash:
+        patched: '2022-03-25T18:59:31.102Z'
diff --git a/scripts/code.angularjs.org-firebase/functions/package-lock.json b/scripts/code.angularjs.org-firebase/functions/package-lock.json
index 6bd5ab47a101..1fb49d80fa45 100644
--- a/scripts/code.angularjs.org-firebase/functions/package-lock.json
+++ b/scripts/code.angularjs.org-firebase/functions/package-lock.json
@@ -197,6 +197,11 @@
       "resolved": "https://registry.npmjs.org/@protobufjs/utf8/-/utf8-1.1.0.tgz",
       "integrity": "sha1-p3c2C1s5oaLlEG+OhY8v0tBgxXA="
     },
+    "@snyk/protect": {
+      "version": "1.883.0",
+      "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.883.0.tgz",
+      "integrity": "sha512-N/EqG6P/qNYWOfuZAfGS1d7yGwGY4zV7AvKtgTzdhazDt7G/mRLG6czLSWNWGEFYBiMsYRVPHdc5It3bjhmIGw=="
+    },
     "@types/body-parser": {
       "version": "1.17.0",
       "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.17.0.tgz",
diff --git a/scripts/code.angularjs.org-firebase/functions/package.json b/scripts/code.angularjs.org-firebase/functions/package.json
index 3e11c15cd8eb..1986d3a14d82 100644
--- a/scripts/code.angularjs.org-firebase/functions/package.json
+++ b/scripts/code.angularjs.org-firebase/functions/package.json
@@ -4,7 +4,13 @@
   "dependencies": {
     "@google-cloud/storage": "^1.1.1",
     "firebase-admin": "^5.11.0",
-    "firebase-functions": "^1.0.4"
+    "firebase-functions": "^1.0.4",
+    "@snyk/protect": "latest"
   },
-  "private": true
+  "private": true,
+  "scripts": {
+    "prepare": "npm run snyk-protect",
+    "snyk-protect": "snyk-protect"
+  },
+  "snyk": true
 }