shopify-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (SAFE): While the skill is designed to interpret user requirements (ingestion point), it does not define active capabilities like network access or file system modification in the provided file. Boundary markers and sanitization instructions are absent, but the lack of executable code limits the risk of injection becoming an exploit.
- [Prompt Injection] (SAFE): No patterns were found that attempt to bypass AI safety filters or override core system instructions.
- [Data Exposure] (SAFE): The skill identifies credential safety as a constraint, explicitly forbidding the hardcoding of API keys.
- [General Security] (SAFE): The skill follows e-commerce development best practices and presents no risk to the local environment.
Audit Metadata