shopify-products

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • Prompt Injection (LOW): The skill is vulnerable to indirect prompt injection because it ingests untrusted data from multiple sources.
      ◦ Ingestion points: As stated in SKILL.md (Step 1), data is gathered from direct conversation, user-provided CSV files, and website scraping.
      ◦ Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' instructions for the data being processed.
      ◦ Capability inventory: The skill utilizes curl for GraphQL mutations to create/update products and collections, and it generates CSV files (documented in SKILL.md and references/graphql-mutations.md).
      ◦ Sanitization: Absent. There is no mention of validating or escaping data before it is interpolated into API requests or file content.
  • Command Execution (LOW): The skill uses curl commands in shell blocks to interact with the Shopify Admin API. These commands incorporate variables like {store} and {token} sourced from configuration files.
  • Data Exfiltration (LOW): The skill initiates network requests to Shopify API endpoints (e.g., https://{store}/admin/api/2025-01/graphql.json). While these requests are essential for the skill's functionality, they target domains that are not part of the standard trusted whitelist.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 11:05 AM