graph-viewer
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses official vendor packages (
@cognite/sdk,@cognite/dune) and well-known open-source libraries (reagraph,lucide-react) for its core functionality. All dependencies are consistent with the claimed purpose. - [SAFE]: Data fetching is handled through the authenticated Cognite SDK. The
graph-service.tsfile implements pagination and limits (initialConnectionLimit,maxTotal) to ensure predictable performance and resource usage. - [SAFE]: Dynamic icon generation in
graph-config.tsuses static SVG paths and the standardbtoafunction for Base64 encoding. This is a legitimate implementation of data-URI icons and does not represent an obfuscation or code execution risk. - [SAFE]: No prompt injection or adversarial patterns were found in the integration instructions (SKILL.md) or component documentation (README.md).
- [SAFE]: The skill correctly manages sensitive data by relying on the application's authenticated SDK provider (
useDune) rather than hardcoding credentials or exposing environment variables.
Audit Metadata