Skills
skills/apollographql/skills/skill-creator/Gen Agent Trust Hub

skill-creator

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, data exfiltration risks, or prompt injection attempts were detected within the skill instructions or reference files.
  • [REMOTE_CODE_EXECUTION]: The skill demonstrates positive security awareness by explicitly instructing developers NEVER to include Bash(curl:*) in the allowed-tools field to prevent remote code execution vulnerabilities.
  • [COMMAND_EXECUTION]: The provided CLI examples (e.g., Rover CLI) are standard development commands used for graph management and do not involve privilege escalation or suspicious behavior.
  • [DATA_EXFILTRATION]: All network references point to official Apollo GraphQL documentation or the Agent Skills specification site. No hardcoded credentials or sensitive file path access patterns were found.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 15, 2026, 09:25 AM