fullstack-vite-convex
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads project templates and software dependencies from the official Convex registry and the npm package manager, which are well-known and reputable services.
- [COMMAND_EXECUTION]: The agent is instructed to autonomously manage the development lifecycle, including shell commands for project initialization, package installation, and starting background development servers.
- [PROMPT_INJECTION]: The instructions contain strong directives like 'Autonomy Is Non-Negotiable' and 'NEVER tell the user to run commands', which guide the agent to perform actions directly rather than requesting user confirmation for each step.
Audit Metadata