vtex-io-graphql
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines implementation patterns for GraphQL resolvers that ingest external data via query arguments, establishing a potential surface for indirect prompt injection.
- Ingestion points: GraphQL resolver arguments (
args) in the implementation examplenode/resolvers/reviews.ts(e.g.,productId,id,input). - Boundary markers: The provided code examples do not incorporate explicit boundary markers or instructions for the model to ignore embedded commands within the processed data.
- Capability inventory: The resolvers demonstrate the use of
ctx.clients.masterdatato perform search, creation, and deletion operations on the application's data layer. - Sanitization: In the canonical implementation pattern, user-provided arguments are interpolated directly into query strings (e.g.,
where: productId=${productId} AND approved=true) without explicit validation or escaping logic shown in the examples.
Audit Metadata