shopify-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation recommends installing the Shopify CLI via npm (
npm install -g @shopify/cli). Since the Shopify organization is not listed in the trusted sources whitelist, this is flagged as a low-severity finding consistent with the skill's primary purpose. - [COMMAND_EXECUTION] (SAFE): The skill uses standard Shopify CLI commands for project initialization and development (
shopify app init,shopify theme dev). These are safe and expected for the intended use case. - [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it processes data from external Shopify API endpoints.
- Ingestion points: Product and order data fetched via GraphQL queries in
SKILL.md. - Boundary markers: Absent; the skill does not use specific delimiters or instructions to treat API-sourced data as untrusted content.
- Capability inventory: The skill possesses the ability to execute CLI commands and deploy code to the Shopify platform.
- Sanitization: Absent; the provided snippets do not include logic for sanitizing or escaping strings retrieved from external data sources.
- [DATA_EXFILTRATION] (SAFE): No exfiltration patterns were detected. The skill correctly identifies security requirements such as verifying webhook signatures and securing API credentials.
Audit Metadata