convex-security-audit
Provides comprehensive security review patterns for Convex applications, focusing on authorization logic, data access, and sensitive operations.
Install this skill
or
76/100
Security score
The convex-security-audit skill was audited on Mar 1, 2026 and we found 8 security issues across 4 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 82
Template literal with variable interpolation in command context
SourceSKILL.md
| 82 | message: `Role '${minRole}' or higher required`, |
medium line 115
Template literal with variable interpolation in command context
SourceSKILL.md
| 115 | message: `Permission '${permission}' required`, |
medium line 253
Template literal with variable interpolation in command context
SourceSKILL.md
| 253 | "Authorization": `Bearer ${apiKey}`, |
medium line 359
Template literal with variable interpolation in command context
SourceSKILL.md
| 359 | message: `Too many requests. Try again in ${Math.ceil(rateCheck.retryAfter! / 1000)} seconds`, |
low line 250
Fetch to external URL
SourceSKILL.md
| 250 | const response = await fetch("https://api.example.com/query", { |
low line 238
Access to .env file
SourceSKILL.md
| 238 | const apiKey = process.env.EXTERNAL_API_KEY; |
low line 280
Access to .env file
SourceSKILL.md
| 280 | const stripeKey = process.env.STRIPE_SECRET_KEY; |
low line 250
External URL reference
SourceSKILL.md
| 250 | const response = await fetch("https://api.example.com/query", { |
Scanned on Mar 1, 2026
View Security DashboardInstall this skill with one command
/learn @debsouryadatta/convex-security-audit