convex-development-general
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The SKILL.md file includes a 'Memory Protocol' instructing the agent to run the cat command on .claude/context/memory/learnings.md. While intended for context persistence, instructing an agent to execute shell commands directly creates a potential vector for unintended operations.
- [PROMPT_INJECTION]: The process of reading the learnings.md file constitutes an indirect prompt injection surface.
  - Ingestion points: The agent is instructed to read content from .claude/context/memory/learnings.md at the start of its task.
  - Boundary markers: No delimiters or 'ignore instructions' warnings are present around the ingested content.
  - Capability inventory: The agent has access to Read, Write, and Edit tools.
  - Sanitization: No sanitization or validation of the file content is performed before the agent reads it.