shopify-setup
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Shopify CLI package (
@shopify/cli) via npm. Shopify is a well-known technology provider, and this is a standard development practice. - [COMMAND_EXECUTION]: Executes routine commands for environment setup, including package installation, version verification, and authentication via the
shopifyCLI tool. It also usescurlto interact with the official Shopify Admin API for connection verification. - [CREDENTIALS_UNSAFE]: The skill demonstrates safe handling of sensitive information. It explicitly warns against committing tokens to version control and provides instructions for using
.gitignorewith environment variables or utilizing a secure MCP Vault for secret storage. Only placeholders are used for example tokens.
Audit Metadata