Skills
skills/subconscious-systems/skills/convex-subconscious/Gen Agent Trust Hub

convex-subconscious

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's architecture establishes a surface for indirect prompt injection by design, as the agent processes data from external HTTP tools and user-provided instructions.\n
  • Ingestion points: Data enters the agent's context through the instructions argument in convex/agent.ts and the body of requests handled by tool endpoints in convex/http.ts.\n
  • Boundary markers: The reference implementations do not demonstrate the use of delimiters or 'ignore' instructions to isolate untrusted content from the agent's primary system instructions.\n
  • Capability inventory: The agent can trigger state changes in the database via Convex mutations and perform external network operations through the defined tool calling interface.\n
  • Sanitization: No logic for input validation, escaping, or filtering is included in the provided code snippets to protect the agent context from adversarial data injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 05:42 PM