use-graphql-api

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing data from external GraphQL APIs and using it in subsequent shell operations.
    • Ingestion points: GraphQL API responses fetched via gh api and curl (SKILL.md).
    • Boundary markers: Absent; there are no instructions to the agent to treat API data as untrusted or to ignore instructions embedded within it.
    • Capability inventory: Subprocess execution via Bash (SKILL.md) and use of Write/Edit tools.
    • Sanitization: Absent; while jq is used for parsing, the extracted values are interpolated directly into shell variables and commands.
  • [COMMAND_EXECUTION]: The skill utilizes standard command-line tools including gh, curl, jq, and grep to perform API operations and process data.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to GraphQL endpoints, including GitHub and generic API placeholders (e.g., api.example.com), which are expected for its stated purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 07:14 AM