thegraph-mcp-skill
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized data access behaviors were detected in the skill's instructions or scripts.
- [COMMAND_EXECUTION]: The skill utilizes the uxc tool to create a local command link (thegraph-mcp-cli) and perform GraphQL queries. These operations are restricted to the intended functionality of interacting with The Graph's API.
- [EXTERNAL_DOWNLOADS]: The skill connects to a well-known service endpoint (https://subgraphs.mcp.thegraph.com/sse) to fetch subgraph data and execute queries. This connection is documented neutrally as a core part of the skill's service integration.
- [CREDENTIALS_UNSAFE]: Auth handling is performed through a dedicated credential management system (uxc auth credential) using environment variables (THEGRAPH_API_KEY). No hardcoded secrets or unsafe exposures were found.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests external data from GraphQL queries, it mitigates risk by recommending help-first inspection, schema validation, and small query scopes. As a documentation-focused skill, it does not present a direct vulnerability surface for automated injection.