convex-security-audit
Security audit patterns for authorization, data access, action isolation, rate limiting, and sensitive operations in Convex applications.
- Covers five core security areas: role-based access control with hierarchical permissions, data access boundaries with ownership verification, action isolation for external API calls, rate limiting with configurable windows, and two-factor confirmation for destructive operations
- Includes complete TypeScript examples for RBAC implementation, permission-based checks, shared resource access patterns, and audit logging systems
- Provides defense-in-depth patterns including confirmation codes, internal actions, sanitized error responses, and audit trail recording for sensitive operations
- Emphasizes server-side validation, environment-based secrets management, and preventing information leakage through error details or API responses
Convex Security Audit
Comprehensive security review patterns for Convex applications including authorization logic, data access boundaries, action isolation, rate limiting, and protecting sensitive operations.
Documentation Sources
Before implementing, do not rely on assumptions or memory; fetch the latest documentation:
- Primary: https://docs.convex.dev/auth/functions-auth
- Production Security: https://docs.convex.dev/production
- For broader context: https://docs.convex.dev/llms.txt
Instructions
Security Audit Areas
Source: waynesutton/convexskills