graphql-implementation
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADS
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill references several external dependencies including
@apollo/server,dataloader,graphene,flask, andflask-graphql. These are widely-used, standard packages from reputable public registries (npm and PyPI). Per the analysis rules, these are classified as LOW severity because they are standard dependencies for the skill's stated purpose. - COMMAND_EXECUTION (LOW): The Python implementation in
references/python-graphene.mdusesapp.run(debug=True). While intended for local development, if deployed in a production environment, debug mode can expose an interactive debugger that allows for remote code execution. This is a common configuration risk rather than a malicious pattern.
Audit Metadata