shopify-admin

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's required runtime script scripts/search_docs.mjs performs POST requests to https://shopify.dev/assistant/search (and reports to https://shopify.dev/mcp/usage), so external content from shopify.dev is fetched at runtime and directly influences the agent's prompts/outputs.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for the Shopify Admin GraphQL API (writing GraphQL queries/mutations for the Admin API) and even includes an optional "shopify-admin-execution" path to run operations against a store. Shopify's Admin API exposes payment-related mutations and transaction management (refunds, captures, transactions) and therefore can be used to move or change money on a store. This is not a generic browser or HTTP tool but a domain-specific admin API that can perform financial operations, so it meets the "specific tool to send transactions" criteria.