shopify-apps
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a comprehensive educational resource for Shopify app development, focusing on official tooling and frameworks.
- [CREDENTIALS_SAFE]: The instructions explicitly guide users to store sensitive information like
SHOPIFY_API_KEYandSHOPIFY_API_SECRETin environment variables (.env) and configuration files that are noted as 'DO NOT COMMIT'. This aligns with industry-standard secret management practices. - [EXTERNAL_DOWNLOADS]: The skill references well-known and trusted packages such as
@shopify/cliand various@shopify/*Remix and UI libraries. These are official tools provided by Shopify for their developer ecosystem. - [DATA_EXPOSURE_SAFE]: Code patterns for the GraphQL Admin API and webhook handling demonstrate secure authentication methods (
authenticate.admin,authenticate.webhook) provided by the Shopify SDK, ensuring that data access is properly authorized.
Audit Metadata