convex-backend-development
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns detected. The skill consists of markdown documentation and code templates for Convex backend development.
- [DATA_EXPOSURE] (SAFE): No hardcoded credentials, API keys, or sensitive file paths were detected in the files.
- [COMMAND_EXECUTION] (SAFE): There are no patterns involving shell command execution, subprocess spawning, or system-level operations.
- [EXTERNAL_DOWNLOADS] (SAFE): While an example
fetchcall is shown in a code snippet, it is for illustrative purposes in an 'Action' template and does not represent the skill downloading or executing remote code itself. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill describes handling external data (game codes, API responses). Evidence: 1. Ingestion points:
argsin queries and API responses in actions. 2. Boundary markers: Not explicitly required for this documentation-only skill. 3. Capability inventory: Standard database CRUD via Convex SDK. 4. Sanitization: The skill explicitly demonstrates using Convex validators (e.g.,v.string()) to ensure input integrity.
Audit Metadata