optimize-shopify-alt-text
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches the official Shopify CLI from the npm registry and downloads product images from the Shopify Content Delivery Network (CDN) for processing. Both sources are well-known technology services, and these operations are standard for the skill's management purpose.
- [COMMAND_EXECUTION]: Executes Node.js and Shopify CLI commands to initialize the environment, perform store authentication, and execute GraphQL queries. These commands are restricted to the local context and standard Shopify management APIs.
- [CREDENTIALS_UNSAFE]: Manages Shopify Admin API tokens and Client IDs through a local environment file (
skill-hub.env). The instructions include mandatory steps to add this file to.gitignore, adhering to industry best practices for local secret management and preventing accidental credential exposure. - [SAFE]: No malicious patterns such as prompt injection, unauthorized data exfiltration, or obfuscated code were detected. The skill maintains a clean workspace by utilizing temporary system directories and ensuring temporary files are deleted after use.
Audit Metadata