If you clean up the query during the check if they are valid or not, you won’t have any problem. But if you expose that variable for the user, he could only “inject” not allowed edges. But He can’t do any harm.
1 Like