constructive-graphql-query
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is authored by 'constructive-io' and utilizes its own official package '@constructive-io/graphql-query' for runtime GraphQL generation. This is a legitimate vendor resource.
- [SAFE]: Network operations use the standard 'fetch' API to communicate with a local or relative '/graphql' endpoint for schema introspection and data operations. This is standard behavior for a web-based GraphQL client.
- [SAFE]: No obfuscation, hardcoded credentials, or suspicious remote code execution patterns were found. The dynamic generation of GraphQL strings is the primary, well-documented purpose of the tool.
Audit Metadata