convex-cron-jobs
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [METADATA_POISONING]: The skill metadata (frontmatter) identifies the author as 'Convex', which contradicts the verified author 'JStaRFilms' provided in the author context. This discrepancy is deceptive and could lead users to incorrectly assume the skill is an official product from Convex.\n- [EXTERNAL_DOWNLOADS]: The skill references and encourages fetching documentation from official Convex service domains.\n
- Evidence: Multiple links to docs.convex.dev are included throughout the documentation for reference.\n- [INDIRECT_PROMPT_INJECTION]: The skill implements a pattern for fetching and storing data from an external API without proper sanitization, creating an attack surface for indirect prompt injection.\n
- Ingestion points: The syncExternalData action in convex/sync.ts fetches data from api.example.com.\n
- Boundary markers: No delimiters or 'ignore embedded instructions' markers are present in the provided code snippets.\n
- Capability inventory: The skill utilizes sensitive capabilities including database operations (ctx.db.insert, ctx.db.delete), storage operations (ctx.storage.delete), and job scheduling (ctx.scheduler.runAfter).\n
- Sanitization: The external payload is stored directly into the database without any validation, filtering, or sanitization steps.
Audit Metadata