GraphQL Schema Introspection Mapper
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [METADATA_POISONING]: The skill's frontmatter contains a 'verification: security_reviewed' field. As per security analysis protocols, this is treated as a self-reported claim and does not constitute a valid security guarantee.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process data from external GraphQL schemas (via __schema introspection). This creates a surface for indirect prompt injection if the agent processes malicious schema definitions containing embedded instructions.
  - Ingestion points: GraphQL introspection query results.
  - Boundary markers: No delimiters or isolation strategies are described in the documentation.
  - Capability inventory: Generates TypeScript types via graphql-codegen, SDL exports, and schema diff reports.
  - Sanitization: The documentation does not specify sanitization or validation methods for the ingested schema content.
Audit Metadata