graphql-methodology
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely educational/methodological. It contains GraphQL query and mutation examples intended for penetration testing of target APIs.
- [PROMPT_INJECTION]: No attempts to override agent constraints or bypass safety filters were found. The instructional language is appropriate for a security testing guide.
- [DATA_EXFILTRATION]: There are no commands or scripts that access sensitive local files (like .env or .ssh) or exfiltrate data to remote servers.
- [COMMAND_EXECUTION]: The skill does not contain shell commands, subprocess calls, or scripts that execute on the host system.
- [EXTERNAL_DOWNLOADS]: No remote scripts or packages are downloaded. The mentions of tools like Clairvoyance are purely for information.
Audit Metadata