shopify-polaris-admin-extensions
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a bash tool to run local utility scripts and executes official Shopify CLI commands for extension scaffolding and code validation.
- [EXTERNAL_DOWNLOADS]: The skill's search and validation scripts perform network requests to official Shopify domains (shopify.dev) to retrieve up-to-date documentation and component metadata.
- [DATA_EXFILTRATION]: Usage metrics and generated code snippets are reported to Shopify's instrumentation endpoint for service improvement. This behavior is disclosed in the skill's privacy notice and includes a user-controlled opt-out mechanism.
Audit Metadata