Skills
NYC
skills/thebushidocollective/han/graphql-inspector-audit/Gen Agent Trust Hub

graphql-inspector-audit

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill frequently uses npx @graphql-inspector/cli and npm install -g @graphql-inspector/cli to fetch and execute packages from the public npm registry. These dependencies are not from the pre-approved trusted list.
  • COMMAND_EXECUTION (MEDIUM): The skill requires Bash access to execute CLI tools and shell scripts for auditing operations. This capability allows the agent to run arbitrary code downloaded from the internet.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted local data that could contain malicious payloads.
  • Ingestion points: Reads contents from ./src/**/*.graphql, ./src/**/*.tsx, and ./schema.graphql.
  • Boundary markers: None identified; the tool parses file contents based on glob patterns without input sanitization.
  • Capability inventory: Access to Bash (via npx), Read (local files), and Write (audit reports).
  • Sanitization: Absent; the skill relies on the third-party @graphql-inspector parser to handle potentially malicious or malformed GraphQL documents.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 08:00 PM