GraphQL Schema Introspector
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
  - Ingestion points: The skill ingests schema metadata and field descriptions from external GraphQL API endpoints during introspection as described in SKILL.md.
  - Boundary markers: No explicit boundary markers or directives to ignore embedded instructions are specified for handling field-level descriptions or metadata from the external schema.
  - Capability inventory: The skill connects to network endpoints, parses schemas, and generates documentation based on the received metadata.
  - Sanitization: There is no mention of sanitization or validation for descriptions or other user-controlled metadata within the GraphQL schema before it is processed by the agent.
- [SAFE]: The skill uses the official graphql-js reference implementation and references the well-known graphql GitHub repository.
Audit Metadata