Skills
skills/graphistry/graphistry-skills/pygraphistry-gfql/Gen Agent Trust Hub

pygraphistry-gfql

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill documents the usage of gfql_remote and python_remote_table which are intended library functions for executing graph queries and Python lambdas on a remote Graphistry server. As these are documented SDK features from a recognized vendor, they represent normal functionality for the skill's domain.
  • [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface where user-derived query fragments are processed by the agent.
  • Ingestion points: User-provided strings used in g.gfql() and rg.gfql_remote() as documented in SKILL.md.
  • Boundary markers: The provided code snippets do not include specific delimiters, but the accompanying text instructs users to validate inputs.
  • Capability inventory: The skill allows for remote query execution and remote Python code execution (lambdas).
  • Sanitization: Recommends the use of parse_cypher and compile_cypher from the Graphistry library to validate and normalize input before execution.
  • [SAFE]: No obfuscation techniques, credential exposure, or unauthorized persistence mechanisms were detected. The skill's behavior is consistent with its stated purpose of assisting with Graphistry GFQL query construction.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 08:52 AM