graphql-architect
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): The skill contains no instructions designed to override the agent's system prompt, bypass safety guardrails, or reveal internal configurations.
- Data Exposure & Exfiltration (SAFE): No patterns of credential access, sensitive file reading (e.g., SSH keys, env files), or unauthorized data transmission were detected.
- Obfuscation (SAFE): All documentation and code examples are provided in clear, human-readable text without any encoded or hidden characters.
- Unverifiable Dependencies & RCE (SAFE): The skill references standard, reputable Node.js packages for GraphQL development but does not include scripts that perform automated installation or remote code execution.
- Indirect Prompt Injection (INFO): The skill provides architectural advice based on user requirements. However, it lacks any high-risk capabilities such as file-system writes, network calls, or command execution, meaning any potential injection in the input would only influence the generated text output without side effects.
Audit Metadata