graphql-operations
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No security issues were detected. The skill is an educational resource providing documentation on GraphQL best practices.
- COMMAND_EXECUTION (LOW): The skill frontmatter allows the use of
Bash(npm:*)andBash(npx:*). This is intended for the installation and execution of standard GraphQL development utilities (likegraphql-codegen) as outlined in thetooling.mdfile. No suspicious, hardcoded, or obfuscated command strings were found. - EXTERNAL_DOWNLOADS (LOW): The documentation suggests the installation of several well-known and reputable packages from the npm registry. These are industry-standard tools for GraphQL development (e.g.,
@graphql-codegen/cli,@graphql-eslint/eslint-plugin) and do not represent a security risk.
Audit Metadata