graphql-architect
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill focuses on providing best practices for GraphQL API development, including schema design, performance optimization via DataLoader, and security measures like depth limiting.
- [EXTERNAL_DOWNLOADS] (LOW): The documentation and code examples reference several standard Node.js packages from the GraphQL ecosystem (e.g.,
dataloader,graphql-depth-limit,apollo-server). These are legitimate libraries and are presented as implementation guidance rather than automated installation scripts. Per [TRUST-SCOPE-RULE], these references are informative and low-risk. - [DATA_EXFILTRATION] (SAFE): No patterns for accessing sensitive files (e.g., SSH keys, credentials) or sending data to external network destinations were found.
- [PROMPT_INJECTION] (SAFE): The instructions are clearly defined and do not contain attempts to override agent safety filters or extract system prompts.
- [NO_CODE] (SAFE): The skill consists of markdown documentation and illustrative code snippets for reference. It does not include executable scripts, binaries, or automation that performs system-level operations.
Audit Metadata