shopify-polaris-app-home

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime script scripts/search_docs.mjs performs a POST to https://shopify.dev/assistant/search (SHOPIFY_DEV_BASE_URL) and the returned search results are explicitly required and used to drive code generation/validation, so remote content at that URL can directly control agent prompts/instructions.