constructive-graphql

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill clearly ingests external, potentially untrusted content: SKILL.md and the codegen/config/CLI references show using arbitrary GraphQL endpoints (endpoint / --endpoint, schema export from endpoint, and createClient/configure with endpoint) and runtime ORM/hooks that fetch and execute queries against those endpoints, so third‑party schema/data can be read and directly influence code generation and subsequent agent actions.