The Agent Skills Directory

[DATA_EXFILTRATION]: The skill queries Shopify for PII, including customer names and shipping addresses, as well as order notes. This data is extracted and written to a local CSV file (order_notes_<date>.csv). This behavior is consistent with the skill's declared purpose of generating fulfillment reports.
[COMMAND_EXECUTION]: Uses the shopify-admin toolkit and standard CLI authentication commands (shopify store auth). No arbitrary shell execution or suspicious command patterns were detected.
[INDIRECT_PROMPT_INJECTION]: 1. Ingestion points: Shopify order notes and custom attributes (SKILL.md). 2. Boundary markers: None explicitly mentioned for the CSV output. 3. Capability inventory: File system write operations for report generation. 4. Sanitization: No sanitization or validation of the ingested order notes is described. An attacker could embed malicious instructions in order notes; however, the impact is limited as the data is primarily tabulated into a CSV format rather than executed by the agent.

shopify-admin-order-notes-and-attributes-report