strawberry-graphql
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, API keys, or sensitive file paths were detected. The skill correctly uses the `Private[T]` annotation to keep sensitive fields out of the GraphQL schema.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): All mentioned libraries (FastAPI, Strawberry, SQLAlchemy, Redis) are reputable and standard within the Python ecosystem. There are no instances of downloading or executing remote scripts.
- [Indirect Prompt Injection] (LOW): The skill provides patterns for building APIs that handle external user input. It mitigates injection risks by demonstrating strict input validation, type-safe resolvers, and comprehensive permission classes (e.g., `IsAuthenticated`, `IsOwner`).
- [Obfuscation] (SAFE): The provided code and documentation are clear and readable, with no evidence of encoded commands, hidden Unicode characters, or homoglyph attacks.
- [Privilege Escalation] (SAFE): No use of `sudo`, `chmod`, or other commands designed to elevate process privileges was found in the provided templates.
Audit Metadata