GraphQL Schema Documentation Builder

SUSPICIOUS. The skill’s stated purpose is plausible, but its trust story is inconsistent: it claims GraphQL upstream provenance while installation occurs through unrelated third-party skill registries/CLIs. This is mainly a supply-chain and transitive-install risk, not confirmed malware, and there is no evidence here of credential theft or malicious data routing.