vendure-graphql-writing
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to bypass safety filters or override agent behavior were detected.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file access, or unauthorized network operations were found.
- [Indirect Prompt Injection] (SAFE): While the skill guides the processing of external data (GraphQL inputs), it explicitly mandates the use of security decorators (@Allow), context threading (@Ctx), and input validation patterns to mitigate risks. Evidence:
  - Ingestion points: GraphQL @Args in admin.resolver.ts and shop.resolver.ts
  - Boundary markers: required @Allow() and @Ctx() decorators
  - Capability inventory: database operations via service injection
  - Sanitization: explicit logic for InputMaybe handling and error throwing
- [Metadata Poisoning] (SAFE): Metadata fields are consistent with the skill's purpose and contain no malicious instructions.
- [False Positive Note] (INFO): The automated scanner's alert for the malicious URL 'this.ca' is a false positive. It incorrectly flagged a substring of the TypeScript method call 'this.canUpdate' in the provided code examples.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata