shopify-ci-integration
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate templates for automating Shopify app development workflows, including testing and deployment.
- [DATA_EXFILTRATION]: Correctly instructs users to store sensitive credentials (API keys, access tokens) in GitHub Repository Secrets rather than hardcoding them in the workflow files. Network operations within the generated CI pipeline are directed at official Shopify domains for version validation.
- [EXTERNAL_DOWNLOADS]: References official, well-known GitHub Actions (actions/checkout, actions/setup-node) and utilizes the official Shopify CLI via npx, which are standard and safe practices for CI/CD environments.
Audit Metadata