convex-security-check

Installation

Summary

Security audit checklist for Convex applications covering authentication, exposure, validation, and access control.

Five-part checklist covering authentication provider setup, function exposure (public vs. internal), argument validation strictness, row-level access control, and environment variable handling
Includes TypeScript code examples for secure patterns: authentication helpers, ownership verification before updates/deletes, and strict argument validators
Highlights common pitfalls like missing identity checks, exposed internal operations, and use of v.any() for sensitive data
Provides helper functions (requireAuth, requireAdmin) and complete security pattern examples for immediate implementation

SKILL.md

Convex Security Check

A quick security audit checklist for Convex applications covering authentication, function exposure, argument validation, row-level access control, and environment variable handling.

Documentation Sources

Before implementing, do not assume; fetch the latest documentation:

Primary: https://docs.convex.dev/auth
Production Security: https://docs.convex.dev/production
Functions Auth: https://docs.convex.dev/auth/functions-auth
For broader context: https://docs.convex.dev/llms.txt

Instructions

Security Checklist

Use this checklist to quickly audit your Convex application's security:

Related skills

More from waynesutton/convexskills

Installs

2.0K

Repository

waynesutton/convexskills

GitHub Stars

396

First Seen

Jan 24, 2026

Security Audits

Gen Agent Trust HubPass

SocketPass

SnykPass

convex-security-check

Convex Security Check

Documentation Sources

Instructions

Security Checklist

More from waynesutton/convexskills

convex

convex-best-practices

convex-functions

convex-schema-validator

convex-realtime

convex-cron-jobs