shopify-functions
Fail
Audited by Snyk on Apr 9, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 0.90). The prompt includes explicit instructions to embed the assistant's “actual model name” and client identity in validation commands (and to always run external bash tools), which requests internal/agent-identifying information and forces external actions unrelated to the stated goal of writing Shopify function code — a hidden/exfiltratory instruction outside the skill's purpose.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill requires running scripts/search_docs.mjs at runtime, which performs a network fetch to https://shopify.dev/assistant/search (and related reporting to https://shopify.dev/mcp/usage) and returns documentation that the agent must use to construct its code/instructions, so external content directly controls agent behavior and is a required dependency.
Issues (2)
E004
CRITICAL: Prompt injection detected in skill instructions.
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).