Convex Agents Workflows

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [Prompt Injection] (HIGH): The skill is vulnerable to indirect prompt injection (Category 8) due to its data processing and execution capabilities.
      ◦ Ingestion points: The prompt and topic arguments defined in the simpleAgentFlow and researchFlow handlers in SKILL.md.
      ◦ Boundary markers: Absent; untrusted inputs are directly interpolated into agent instructions (e.g., Research: ${topic}).
      ◦ Capability inventory: The skill uses step.runMutation (database write/state modification) and step.runAction (LLM execution), meaning an injection can cause permanent data changes or external side effects.
      ◦ Sanitization: No input validation, escaping, or delimiter usage is implemented.
  • [External Downloads] (MEDIUM): The skill relies on external packages that are not from the predefined trusted source list.
      ◦ Evidence: Dependencies on @convex-dev/agent and @convex-dev/workflow are referenced in the setup and workflow definition sections of SKILL.md.
      ◦ Risk: These packages originate from a non-whitelisted NPM organization, requiring additional manual verification of their security posture.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 01:55 AM