shopify-products
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill enables gathering product details via website scraping (SKILL.md), which creates an entry point for indirect prompt injection. Malicious instructions placed on an external website could potentially influence the agent's behavior during product creation or updates.\n
- Ingestion points: Website scraping from user-provided URLs as specified in the Workflow section of SKILL.md.\n
- Boundary markers: None. The instructions do not specify any delimiters or warnings to ignore instructions embedded in the scraped data.\n
- Capability inventory: The skill leverages curl commands to perform sensitive write operations on the Shopify Admin API, including product creation, updates, and collection assignments (references/graphql-mutations.md).\n
- Sanitization: No sanitization or validation logic is defined for the data extracted from scraped websites before it is used to construct API requests.\n- [COMMAND_EXECUTION]: The skill provides curl command templates for interacting with the Shopify GraphQL API. While these are for legitimate administration, they involve executing shell commands that use environment variables or local configuration files like shopify.config.json and .dev.vars for authentication.
Audit Metadata