shopify-setup

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs copying and embedding the Admin API access token into files and curl commands (e.g., .dev.vars and -H "X-Shopify-Access-Token: {token}"), which requires the LLM/agent to handle and potentially output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Step 3 workflow explicitly instructs the agent/user to navigate and interact with the store admin pages (https://{store}.myshopify.com/admin/... ) and even suggests using browser automation to assist in the admin UI, which requires fetching and interpreting content from a third-party store admin site that could contain untrusted/user-provided data and influence subsequent actions (e.g., copying tokens, clicking buttons).