Convex Agents Rate Limiting
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No instructions were found that attempt to override AI safety filters, ignore prior instructions, or manipulate core agent behavior (Category 1).
- [DATA_EXFILTRATION] (SAFE): The skill does not contain hardcoded credentials, API keys, or logic for sending sensitive local data to external domains. User identifiers are used appropriately as keys for rate-limiting buckets (Category 2).
- [EXTERNAL_DOWNLOADS] (SAFE): The code references the '@convex-dev/rate-limiter' package. While not on the predefined trusted list, it is a standard library for the Convex framework and used here solely for its intended defensive purpose. No suspicious remote code execution or piped shell commands were detected (Category 4).
- [INDIRECT_PROMPT_INJECTION] (SAFE): Mandated Evidence Chain: 1. Ingestion points: The skill processes 'message' and 'question' strings provided by the user. 2. Boundary markers: None are explicitly defined in the provided snippets. 3. Capability inventory: 'saveMessage', 'continueThread', and 'generateText' are invoked. 4. Sanitization: Not explicitly shown in the logic. Although an ingestion surface exists, it is necessary for the skill's primary defensive function of rate-limiting, and the severity is downgraded to SAFE accordingly (Category 8).
Audit Metadata