graphql-security

SUSPICIOUS: the skill’s stated purpose is GraphQL security hardening, but its actual footprint includes enabling offensive security actions and recommending third-party tools that may receive live auth headers. This is coherent with security testing, yet disproportionate for a general coding skill and high-risk for an AI agent because it can facilitate active exploitation and credential forwarding to external tools.