graphql-review

What problem does it solve?

This Skill identifies design, security, and performance issues in GraphQL APIs by reviewing schemas, resolvers, and configuration to prevent N+1 queries, abuse, and breaking changes.

Core Features & Use Cases

• Schema design checks: naming consistency, nullability practices, connection-style pagination, input types, enums, and descriptions to avoid god types and breaking changes.
• N+1 prevention: detect resolver-level query patterns, recommend DataLoader/batching, and suggest query plan analysis and deferred/streamed responses.
• Security hardening: validate query depth and complexity limits, rate limiting, introspection policies, field-level authorization, input validation, and persisted queries for production.
• Performance & federation: recommend caching strategies, automatic persisted queries, connection pooling, and validate federation directives and subgraph composition.
• Use Case: Run this review on repositories containing .graphql schema files and resolver implementations to generate prioritized remediation and hardening tasks.

Quick Start

Run a GraphQL design and security review on schema.graphql and resolver source to identify N+1, complexity, and authorization issues.