constructive-graphql-codegen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports fetching/inspecting remote GraphQL schemas and endpoints (e.g., SKILL.md and examples like --endpoint https://api.example.com/graphql and programmatic endpoint/schemaOnly options) so the agent ingests external, potentially untrusted schema and documentation which it then uses to generate code, CLI tools, and agent-facing docs—allowing third-party content to materially influence generated tooling and actions.