apollo-router

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • SAFE (SAFE): No security issues detected. The skill consists exclusively of YAML configuration templates and Markdown documentation for the Apollo Router gateway.
  • [Security Configuration] (SAFE): The provided templates for JWT authentication and CORS policies are correctly structured. The skill correctly distinguishes between v1 and v2 schema requirements to prevent configuration errors that could lead to security bypasses.
  • [Hardening & Best Practices] (SAFE): The validation/checklist.md and templates/v2/production.yaml files include best-practice recommendations for production environments, such as disabling GraphQL introspection, the Apollo Sandbox, and wildcard CORS origins.
  • [Credential Management] (SAFE): The skill utilizes environment variable expansion (e.g., ${env.JWT_ISSUER}, ${env.API_KEY}) for all sensitive parameters, ensuring that secrets are not hardcoded in the configuration files.
  • [Safe Customization Documentation] (SAFE): Documentation regarding Rhai scripts and Coprocessors describes standard extensibility features of the Apollo Router. The provided examples are benign and focus on routine tasks like header propagation and basic authentication checks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:29 PM