apollo-connectors
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill utilizes the 'rover' CLI (Apollo's official tool) for schema composition, execution, and testing. These are standard development operations for the stated purpose of managing GraphQL supergraphs.
- [Data Exposure] (SAFE): The documentation explicitly recommends using $env environment variables for sensitive data like API keys (e.g., Authorization: Bearer {$env.API_KEY}), which aligns with security best practices for secret management.
- [Prompt Injection] (SAFE): No instructions designed to override agent safety filters or bypass system prompts were identified. The 'Key Rules' and 'Ground Rules' sections focus exclusively on technical syntax and development workflows.
- [Indirect Prompt Injection] (LOW): As a development tool, the skill ingests API responses and schemas provided by the user (Ingestion Points in SKILL.md Step 1). However, the skill utilizes strict GraphQL schema delimiters and a specific mapping grammar (defined in references/grammar.md) which acts as a boundary against control-flow manipulation. Capabilities are limited to 'rover' and 'curl' for the intended development lifecycle.
- [Obfuscation] (SAFE): All files, including reference guides and EBNF grammar specifications, are written in clear, plain text with no evidence of encoding, zero-width characters, or homoglyphs.
Audit Metadata