Detect GraphQL injection vulnerabilities
sast-graphql · skill · setup L3
reasonless-throne486/sast-skills
What it does
Detect GraphQL injection vulnerabilities
Best for
Finding query string injection that reaches GraphQL parsers (not resolver SQL injection)
Inputs
- Codebase under analysis
- sast/architecture.md (prerequisite)
Outputs
- sast/graphql-results.md with consolidated findings
- Unsafe operation document assembly sites identified
Preconditions
- sast/architecture.md must exist
- GraphQL technology confirmed in recon
Failure modes
- No GraphQL detected → later phases skipped
- Static template not flagged if truly static
- Persisted query IDs safe if allowlisted
Trust signals
- Three-phase: recon + batched verify + merge
- Distinguishes from IDOR and introspection issues
- Covers variables vs. document structure distinction