graphql
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The scripts
scripts/graphql-client.shandscripts/schema-introspection.pyperform network requests to the GitHub GraphQL API. This is consistent with the skill's stated purpose of providing GraphQL tooling. No access to sensitive local files (like SSH keys or AWS credentials) was found. - [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references standard, industry-recognized libraries such as
requestsin Python and theApollosuite in Node.js. There are no patterns of piping remote content to a shell or downloading executable code from untrusted sources. - [Indirect Prompt Injection] (LOW): The script
scripts/graphql-client.shinterpolates a username variable directly into a GraphQL query string. This creates a surface for GraphQL injection if the input is malicious, though in the context of a development tool, this is a common functional pattern. - Ingestion points:
usernameargument inscripts/graphql-client.sh. - Boundary markers: None present in the script's query construction.
- Capability inventory: Network access via
curl. - Sanitization: No sanitization of the
usernamevariable before interpolation. - [Command Execution] (LOW): The skill includes a bash script that uses
curlandjq. These are standard utilities used for their intended purpose of API communication and JSON parsing.
Audit Metadata