graph-query
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
Bash(python3 *)tool to execute a local script located at.claude/skills/graph-query/scripts/run_query.py. - The script is a standard entry point that utilizes an internal CLI framework and passes user natural language queries to a data processing module.
- [SAFE]: No malicious patterns were detected in the skill's code or metadata.
- Prompt Injection: There are no instructions attempting to bypass safety filters or override system prompts.
- Data Exfiltration: The script interacts with local modules and does not perform unauthorized network requests or access sensitive local files (e.g., SSH keys, credentials).
- Obfuscation: The code is clear, readable, and does not contain encoded or hidden content.
- Dependency Integrity: The script relies on local project imports (
scripts.cli_framework,src.data.graph_nl_query) which are treated as trusted vendor resources.
Audit Metadata