graphql-expert

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOW
NO_CODE
Full Analysis
  • [SAFE] (SAFE): The analyzed files are markdown documents containing code snippets for educational purposes. There are no executable scripts (.sh, .py, .js), configuration files that trigger automation, or binary assets included in the skill.
  • [NO_CODE] (INFO): No functional logic or automated tasks are defined. The skill serves as a knowledge base or context for an agent rather than a tool for execution.
  • [SECURITY_BEST_PRACTICES] (INFO): The file references/security-examples.md correctly identifies and provides mitigations for critical GraphQL vulnerabilities such as Unbounded Queries, SQL Injection, and Introspection exposure. Vulnerable code is explicitly marked with '❌ NEVER DO THIS'.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 15, 2026, 10:38 PM