GraphQL Schema Registry

SUSPICIOUS: the skill’s GraphQL-focused purpose is plausible, but the trust chain is weak. The main concern is transitive installation from a third-party publisher not clearly linked to the declared `source`, plus an unusually broad feature set with underspecified data flows. No direct credential theft or confirmed malicious behavior is visible in the provided text.