vtex-io-graphql-api
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation guide for developers working with GraphQL in the VTEX IO ecosystem. It includes clear instructions on schema definition, resolver implementation, and configuration.
- [SAFE]: Security best practices are actively promoted, specifically the use of the
@authdirective to prevent unauthorized access to mutations and sensitive data queries. This demonstrates a proactive security posture. - [SAFE]: The guidance correctly identifies the risk of bypassing the platform's internal client system (
ctx.clients), which is essential for maintaining consistent logging, authentication, and performance metrics. - [SAFE]: No indicators of prompt injection, data exfiltration, obfuscation, or unauthorized remote code execution were found. All code samples and architectural recommendations align with standard, documented VTEX IO development practices.
Audit Metadata