The Agent Skills Directory

[SAFE]: No malicious patterns, obfuscation, or safety bypass instructions were detected within the skill's description or metadata.- [EXTERNAL_DOWNLOADS]: The skill installation utilizes the npx skills command to download content from the agentskillexchange registry, which is the official source for this vendor.- [DATA_EXFILTRATION]: The skill performs network requests to user-specified GraphQL endpoints to retrieve schema metadata. This connectivity is a documented requirement for its primary functionality and does not indicate unauthorized data access.- [PROMPT_INJECTION]: The skill ingests and processes untrusted metadata from external APIs (schema descriptions). This represents a surface for indirect prompt injection. Ingestion point: GraphQL introspection responses. Boundary markers: Absent. Capability inventory: Network requests to GraphQL APIs. Sanitization: Not specified. This is documented as an inherent architectural surface of the tool's functionality.

GraphQL Introspection Documenter