GraphQL Schema Drift Detector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly states the skill uses the GraphQL introspection query (__schema) to fetch live schema definitions from running GraphQL endpoints and integrates with external schema registries like Apollo Studio and Hasura, meaning it ingests untrusted third-party schema content that the agent reads and uses to drive diffs, reports, and notifications.