web-graphql
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No security issues were detected. The skill provides legitimate architectural guidance for Apollo Server, Express, and Prisma.
- CREDENTIALS_UNSAFE (SAFE): The implementation patterns correctly use environment variables (
process.env.COGNITO_USER_POOL_ID,process.env.COGNITO_CLIENT_ID) rather than hardcoding sensitive credentials. - EXTERNAL_DOWNLOADS (LOW): The skill references standard, industry-recognized libraries including
apollo-server-express,dataloader,@prisma/client, andaws-jwt-verify. These are trusted dependencies for the described stack. - INDIRECT_PROMPT_INJECTION (INFO): As a documentation skill, it has no direct ingestion of untrusted runtime data that could influence agent behavior beyond the provided templates.
Audit Metadata