bitquery-graphql-skill
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to official Bitquery domains (streaming.bitquery.io and oauth2.bitquery.io) for GraphQL queries and OAuth authentication. These are well-known, service-specific endpoints related to the skill's primary function.
- [COMMAND_EXECUTION]: The skill utilizes the uxc command-line tool to manage authentication bindings and create a local command alias (bitquery-graphql-cli) for interacting with the remote GraphQL endpoint.
- [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: The skill ingests structured data from Bitquery GraphQL responses as documented in SKILL.md.
- Boundary markers: No specific delimiters or boundary instructions are provided for the agent when processing tool output.
- Capability inventory: The skill possesses shell execution capabilities through the uxc tool and linked command.
- Sanitization: Relies on the uxc tool's internal parsing of GraphQL JSON responses and the agent's default safety guardrails.
Audit Metadata