convex-authz
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill serves as a technical integration guide for the
@djpanda/convex-authzlibrary. All described functionalities, such as role-based access control and relationship-based authorization, are standard security features for application development. - [EXTERNAL_DOWNLOADS]: The skill instructs users to install the
@djpanda/convex-authzpackage from npm. This package and its associated GitHub repository (dbjpanda/convex-authz) are legitimate vendor resources. - [COMMAND_EXECUTION]: Provides instructions for running setup commands via the Convex CLI (
npx convex run), which is standard practice for configuring Convex components and scheduled cleanup jobs. - [DATA_EXFILTRATION]: No suspicious data handling or exfiltration patterns were identified. The library handles standard authorization identifiers such as
userIdandtenantIdwithin the context of the Convex platform. - [PROMPT_INJECTION]: The skill does not contain any instructions that attempt to override the AI agent's behavior or safety guidelines.
Audit Metadata