convex-development
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): No malicious behavior or patterns were detected.
- [COMMAND_EXECUTION] (LOW): The skill includes a Python script (scripts/anti_patterns_scanner.py) for auditing local Convex source code. Analysis of the script confirms it uses only standard Python libraries and contains no malicious logic or network exfiltration capabilities.
- [PROMPT_INJECTION] (SAFE): The instructional content is strictly technical and does not attempt to manipulate agent behavior or bypass safety constraints.
- [CREDENTIALS_UNSAFE] (SAFE): The scanner utility proactively identifies hardcoded secrets in the scanned codebase and redacts them from the output, demonstrating a defensive security posture.
Audit Metadata