graphql-security
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior or bypass safety filters.
- Data Exposure & Exfiltration (SAFE): Sensitive information is managed via environment variables. No hardcoded credentials or data exfiltration attempts were found.
- Obfuscation (SAFE): All code and instructions are in plain, readable text with no encoding or hidden characters.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references reputable and standard npm libraries. There are no patterns of downloading or executing remote code.
- Indirect Prompt Injection (SAFE): The skill provides instructions for the secure processing of untrusted data, effectively mitigating potential injection surfaces.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata