shopify-storefront-graphql

Warn

Audited by Snyk on Apr 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill requires running scripts/search_docs.mjs at runtime. That script POSTs search queries to https://shopify.dev/assistant/search (and reports validation results to https://shopify.dev/mcp/usage), and the documentation and search results it returns are required input that directly shapes the prompts and code the agent generates. Because that content is fetched at run time rather than pinned and verified with the skill, the agent's output depends on whatever the endpoint returns at the moment of the call.
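A pre-flight check a practitioner would run before trusting this finding or allowing the skill to execute: extract every endpoint the skill's scripts call at run time, note whether each call sends data out, and compare the origins against a pinned allowlist. The following is an added example, not Snyk's scanner and not the skill's own scripts/search_docs.mjs. It assumes the skill's scripts are plain JavaScript that call the global fetch() with a string-literal URL; the sample script and the allowlist are constructed for illustration.

```javascript
// Added example: static audit of "runtime URL" dependencies in an agent skill.
// Not Snyk's analyzer and not the skill's own code. Assumes scripts call the
// global fetch() with a literal URL; template-built URLs need a real parser.

// fetch('<url>', { ...options }) with a string-literal first argument.
// Captures the URL and, if present, the options object text (heuristic: the
// object ends at the first "}" that is followed by ")").
const FETCH_LITERAL =
  /fetch\(\s*(['"`])(https?:\/\/[^'"`]+)\1\s*(?:,\s*(\{[\s\S]*?\}))?\s*\)/g;
// Any other absolute URL literal, e.g. a base URL used elsewhere.
const URL_LITERAL = /(['"`])(https?:\/\/[^'"`\s]+)\1/g;

/** List outbound endpoints found in one script's source text. */
function findRuntimeUrls(source) {
  const found = new Map(); // url -> { method, viaFetch }
  let m;
  while ((m = FETCH_LITERAL.exec(source)) !== null) {
    const opts = m[3] || '';
    const method = /method\s*:\s*['"`]([A-Za-z]+)['"`]/.exec(opts);
    found.set(m[2], { method: method ? method[1].toUpperCase() : 'GET', viaFetch: true });
  }
  while ((m = URL_LITERAL.exec(source)) !== null) {
    if (!found.has(m[2])) found.set(m[2], { method: null, viaFetch: false });
  }
  return [...found].map(([url, info]) => ({ url, ...info }));
}

/** Classify each endpoint against an allowlist of origins (assumed policy). */
function auditRuntimeUrls(urls, allowedOrigins) {
  return urls.map(({ url, method, viaFetch }) => {
    const origin = new URL(url).origin;
    let verdict;
    if (!viaFetch) verdict = 'info';                  // literal only, never fetched here
    else if (!allowedOrigins.includes(origin)) verdict = 'block'; // runtime call, unvetted origin
    else if (method !== 'GET') verdict = 'review';    // allowed origin, but data leaves the host
    else verdict = 'allow';
    return { url, origin, method, viaFetch, verdict };
  });
}

// Constructed stand-in for a skill search script (not the real search_docs.mjs).
const SAMPLE_SKILL_SCRIPT = `
const query = process.argv[2];
const res = await fetch('https://shopify.dev/assistant/search', {
  method: 'POST',
  headers: { 'content-type': 'application/json' },
  body: JSON.stringify({ query }),
});
const docs = await res.json();
await fetch('https://shopify.dev/mcp/usage', { method: 'POST', body: JSON.stringify({ ok: true }) });
const DOCS_HOME = 'https://example.com/docs';
console.log(docs);
`;

// Hypothetical per-deployment policy: only this origin may be called at run time.
const ALLOWED_ORIGINS = ['https://shopify.dev'];

console.table(auditRuntimeUrls(findRuntimeUrls(SAMPLE_SKILL_SCRIPT), ALLOWED_ORIGINS));
```

Both POSTs land on "review" even with shopify.dev allowlisted: the allowlist answers "is this origin ours?", not "do we trust whatever it returns?". For the search call, the returned documents still have to be treated as untrusted data in the prompt, which this check cannot decide statically.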

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for Shopify Storefront GraphQL operations and names "checkout complete" and "cart operations" among them. That means it will construct GraphQL mutations and queries (for example, cart creation and checkout completion mutations) that perform checkout and payment actions through Shopify's Storefront API. Those are e-commerce payment operations, i.e. payment and checkout processing, so the skill has direct financial execution capability.
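A gate on this second finding: before an agent-generated Storefront GraphQL document is sent, classify it by operation type and by which top-level mutations it calls, and require human approval for anything that can complete a checkout. This is an added example, not code from the skill or from Snyk. The two name sets are an assumed policy (they are Storefront API mutations from the cart and checkout families this finding refers to; adjust them to the API version actually in use), and the sample documents are constructed.

```javascript
// Added example: classify an agent-generated Storefront GraphQL document by the
// top-level mutations it calls. Not the skill's code. The name sets are an
// assumed policy, not an exhaustive list of the API's mutations.

// Assumed policy: mutations that create or settle a checkout (money moves).
const CHECKOUT_MUTATIONS = new Set([
  'checkoutCreate', 'checkoutCompleteFree',
  'checkoutCompleteWithCreditCardV2', 'checkoutCompleteWithTokenizedPaymentV3',
]);
// Assumed policy: cart mutations (state changes, but no settlement).
const CART_MUTATIONS = new Set(['cartCreate', 'cartLinesAdd', 'cartLinesUpdate', 'cartLinesRemove']);

/** Read an identifier starting at i (after optional whitespace); returns [word, nextIndex]. */
function readWord(src, i) {
  while (i < src.length && /\s/.test(src[i])) i++;
  let j = i;
  while (j < src.length && /[A-Za-z0-9_]/.test(src[j])) j++;
  return [src.slice(i, j), j];
}

/**
 * Return the operation kind and the top-level field names of the FIRST
 * operation in a document. Aliases are resolved to the real field name so
 * "pay: checkoutCompleteFree(...)" is still seen as checkoutCompleteFree.
 * Arguments, nested selections, fragment spreads and directives are skipped.
 */
function parseOperation(doc) {
  const src = doc.replace(/#[^\n]*/g, '');          // drop GraphQL comments
  const open = src.indexOf('{');
  if (open < 0) throw new Error('no selection set');
  const head = src.slice(0, open).trim();
  const kind = /^mutation\b/.test(head) ? 'mutation'
    : /^subscription\b/.test(head) ? 'subscription' : 'query';
  const fields = [];
  let depth = 0, paren = 0, i = open;
  while (i < src.length) {
    const ch = src[i];
    if (ch === '{') { depth++; i++; continue; }
    if (ch === '}') { depth--; i++; if (depth === 0) break; continue; }
    if (ch === '(') { paren++; i++; continue; }
    if (ch === ')') { paren--; i++; continue; }
    if (ch === '"') {                                   // skip string literal
      i++;
      while (i < src.length && src[i] !== '"') { if (src[i] === '\\') i++; i++; }
      i++; continue;
    }
    if (ch === '.') {                                   // "...Name" or "... on Type"
      let [w, j] = readWord(src, i + 3);
      if (w === 'on') { const r = readWord(src, j); j = r[1]; }
      i = j; continue;
    }
    if (ch === '@') {                                   // directive name; its args are parens
      const r = readWord(src, i + 1); i = r[1]; continue;
    }
    if (depth === 1 && paren === 0 && /[A-Za-z_]/.test(ch)) {
      let [name, j] = readWord(src, i);
      let k = j;
      while (k < src.length && /\s/.test(src[k])) k++;
      if (src[k] === ':') [name, j] = readWord(src, k + 1); // alias: real field follows
      fields.push(name);
      i = j; continue;
    }
    i++;
  }
  return { kind, fields };
}

/** Decide what to do with a document before it is sent to the Storefront API. */
function classifyOperation(doc) {
  const { kind, fields } = parseOperation(doc);
  const money = fields.filter((f) => CHECKOUT_MUTATIONS.has(f));
  const cart = fields.filter((f) => CART_MUTATIONS.has(f));
  let action;
  if (kind !== 'mutation') action = 'allow';            // reads cannot move money
  else if (money.length) action = 'require-approval';   // can create or settle a checkout
  else if (cart.length) action = 'allow-with-audit';    // cart state only, log it
  else action = 'review';                               // unknown write, inspect by hand
  return { kind, fields, money, cart, action };
}

// Constructed sample documents of the kind the skill would generate.
const SAMPLE_QUERY = `query Products { products(first: 3) { edges { node { id title } } } }`;
const SAMPLE_CART = `mutation CreateCart($input: CartInput!) {
  cartCreate(input: $input) { cart { id checkoutUrl } userErrors { message } }
}`;
const SAMPLE_CHECKOUT = `# completes a zero-balance checkout
mutation Complete($id: ID!) {
  pay: checkoutCompleteFree(checkoutId: $id) { checkout { id } checkoutUserErrors { message } }
}`;

for (const d of [SAMPLE_QUERY, SAMPLE_CART, SAMPLE_CHECKOUT]) console.log(classifyOperation(d));
```

Only the first operation in a document is classified; a gate built on this should reject multi-operation documents outright rather than let a second, unexamined mutation ride along.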

Issues (2)

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 9, 2026, 11:34 AM
Issues
2