shopify-local-dev-loop
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents standard development workflows using official Shopify tools.
- [COMMAND_EXECUTION]: Instructions include common development commands such as
npm install,shopify app dev, andvitest. These are standard for the described purpose of setting up a local development loop. - [EXTERNAL_DOWNLOADS]: The skill references official Shopify and Remix packages from the NPM registry. These are well-known, widely used libraries from trusted ecosystems.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials were found. The skill correctly uses placeholders like
your_api_key_hereandshpat_xxx, and explicitly mentions using.envfiles for local secrets, which is a recommended security practice.
Audit Metadata