building-graphql-server
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill analyzes existing data models, database schemas, and resource specifications from the local environment. This process creates a vulnerability where malicious instructions embedded in those project files could influence the agent's actions.\n
- Ingestion points: Detected in
SKILL.md(Instruction 1) andreferences/implementation.md(Step 1).\n - Boundary markers: The instructions lack explicit delimiters or safety warnings to ignore instructions found within the processed files.\n
- Capability inventory: The skill has access to
Bash(api:graphql-*),Write,Edit,Read,Grep, andGlobacross all files.\n - Sanitization: No evidence of input validation or escaping for the ingested content is provided.\n- [COMMAND_EXECUTION]: The skill employs a scoped bash execution tool,
Bash(api:graphql-*), to automate the generation of boilerplate code and framework scaffolding based on its analysis of project files.
Audit Metadata