Skills
skills/shopify/shopify-ai-toolkit/shopify-admin/Gen Agent Trust Hub

shopify-admin

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to use the bash tool to execute local scripts (scripts/search_docs.mjs and scripts/validate.mjs) for searching documentation and validating GraphQL queries.
  • [EXTERNAL_DOWNLOADS]: The search_docs.mjs script performs HTTP POST requests to https://shopify.dev/assistant/search to retrieve up-to-date documentation and schema information from Shopify's official servers.
  • [DATA_EXFILTRATION]: The skill reports anonymized telemetry (including search queries, model name, and client information) to https://shopify.dev/mcp/usage. This behavior is explicitly disclosed in the SKILL.md privacy notice and targets the vendor's own official domain for service improvement.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 11:34 AM