Phy Graphql Schema Audit
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's stated purpose (static, local GraphQL schema auditing) matches its instructions and requirements: it performs local file analysis, asks for no credentials, and has no install step or external downloads.
This skill appears coherent and local-only: it scans your repository for .graphql/.json schema files and analyzes them. Before running, review the full SKILL.md so you're comfortable with the Python/snippet commands it asks the agent to run; run audits in a development copy of your repo if you want to avoid accidental exposure of unrelated files. Note that the examples use npx get-graphql-schema to fetch introspection from a running server. If you use it, it will make outbound requests, so only run it against servers you trust. Finally, because this skill is instruction-only, make sure your agent execution environment enforces the same local-only behavior (no unexpected network/file access) if you need stricter isolation.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
No visible risk-analysis findings were reported for this release.
