convex-tanstack
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns, obfuscation, or unauthorized data access were detected. The skill provides boilerplate code and educational content for a legitimate technology stack.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard initialization commands (e.g.,
npm create convex@latest) and well-known packages in the React/Convex ecosystem. These are standard development practices for the described stack. - [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill provides templates for building AI agents in
references/09-agents.mdthat ingest user input, these are purely educational examples for the user's own application and do not represent a vulnerability within the skill itself. The examples include standard sanitization patterns likeJSON.stringifyfor tool outputs.
Audit Metadata