diff --git a/src/Appwrite/GraphQL/Resolvers.php b/src/Appwrite/GraphQL/Resolvers.php
index 8da3fac586..2697c73fe7 100644
--- a/src/Appwrite/GraphQL/Resolvers.php
+++ b/src/Appwrite/GraphQL/Resolvers.php
@@ -291,13 +291,7 @@ class Resolvers
             return;
         }
 
-        foreach ($payload as $key => $value) {
-            if (\str_starts_with($key, '$')) {
-                $escapedKey = \str_replace('$', '_', $key);
-                $payload[$escapedKey] = $value;
-                unset($payload[$key]);
-            }
-        }
+        $payload = self::escapePayload($payload, 1);
 
         if ($beforeResolve) {
             $payload = $beforeResolve($payload);
@@ -305,4 +299,24 @@ class Resolvers
 
         $resolve($payload);
     }
+
+    private static function escapePayload(array $payload, int $depth) {
+        if($depth > App::getEnv('_APP_GRAPHQL_MAX_DEPTH', 3)) {
+            return;
+        }
+
+        foreach ($payload as $key => $value) {
+            if (\str_starts_with($key, '$')) {
+                $escapedKey = \str_replace('$', '_', $key);
+                $payload[$escapedKey] = $value;
+                unset($payload[$key]);
+            }
+
+            if(\is_array($value)) {
+                $payload[$key] = self::escapePayload($value, $depth + 1);
+            }
+        }
+
+        return $payload;
+    }
 }