convex-doctor
Warn
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to run npx convex-doctor@latest, which downloads and executes a package from the NPM registry. This package originates from an external source (nooesc) that is not identified as a pre-approved trusted provider.
- [COMMAND_EXECUTION]: The workflow requires executing several shell commands, including npx convex-doctor@latest, npx convex codegen, npx tsc --noEmit, and npm run build. These commands are used to perform static analysis, generate code, and verify builds.
- [PROMPT_INJECTION]: The skill processes output from an external tool to guide code remediation. This creates a surface where malicious or malformed tool output could influence the agent's actions during the fix process.
- Ingestion points: Standard output and findings from the convex-doctor tool.
- Boundary markers: Not present; the instructions do not specify delimiters for tool output.
- Capability inventory: The skill allows for broad code modifications across the convex/ directory based on tool findings.
- Sanitization: No specific validation or sanitization of the tool findings is described before the agent applies fixes.
Audit Metadata