convex-auth
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override agent behavior or bypass safety filters.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file paths were detected. The skill explicitly instructs users to store secrets in environment variables and avoid hardcoding.
- [External Downloads] (SAFE): Reference URLs point to official documentation (convex.dev); no automated script execution or unverified downloads detected.
- [Indirect Prompt Injection] (SAFE): The skill processes user input related to authentication patterns but lacks functional capabilities (e.g., file writing, network calls, command execution) to act upon malicious instructions.
- [Command Execution] (SAFE): No shell commands or dynamic execution patterns were identified.
Audit Metadata