shopify-headless-commerce
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical reference for building Shopify storefronts. All network communications are directed to the official Shopify domain (myshopify.com) for API interactions.
- [DATA_EXPOSURE_&_EXFILTRATION]: Analysis of the provided GraphQL wrappers and examples shows no hardcoded secrets or credentials. Authentication headers use standard placeholder variables (e.g., STOREFRONT_TOKEN, customerAccessToken). The documentation correctly advises using server-side tokens for private access and secure storage (httpOnly cookies) for session tokens.
- [REMOTE_CODE_EXECUTION]: There are no patterns involving the download or execution of remote scripts. No package managers (npm, pip) or shell commands are utilized.
- [INDIRECT_PROMPT_INJECTION]: The skill documentation identifies surfaces where user-provided data enters the application flow, such as cart notes or customer profile fields.
  - Ingestion points: Customer data (email, names) in references/account.md and cart metadata (notes, attributes) in references/cart.md.
  - Boundary markers: Not explicitly defined in the provided code snippets.
  - Capability inventory: Functionality is restricted to fetching/mutating data via Shopify's GraphQL API; no file system or system command capabilities are present.
  - Sanitization: The skill relies on GraphQL's typed schema (e.g., String!, ID!) to ensure data integrity during API transmission.
Audit Metadata