shopify-admin-execution
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the generation of
shopify store authandshopify store executecommands. These instructions ensure commands are properly scoped using specific flags like--store,--scopes, and--query, allowing for predictable and controlled interaction with the Shopify Admin API. - [SAFE]: A significant security control is the requirement for a pre-execution validation step using
scripts/validate.mjs. This design ensures that any generated GraphQL operation is verified for syntax and safety before the agent provides the final executable command to the user. - [SAFE]: The skill follows the principle of least privilege by instructing the agent to derive the minimum necessary scopes (e.g.,
read_products,write_inventory) based on the validated operation, and uses placeholders for sensitive domain information.
Audit Metadata