a6-recipe-graphql-proxy

Warn

Audited by Snyk on Mar 9, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). SKILL.md explicitly states APISIX extracts GraphQL variables from incoming POST bodies or the GET "query" parameter (e.g., graphql_operation, graphql_name) and uses them in route "vars" and plugin decisions, so untrusted user-supplied GraphQL requests are ingested at runtime and can materially influence routing and policy behavior.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 02:58 PM