shopify-apps
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard development patterns for Shopify apps using official libraries and tools.
- [SAFE]: Instructions correctly utilize environment variables (e.g.,
process.env.SHOPIFY_API_KEY) for managing sensitive credentials, avoiding hardcoded secrets. - [SAFE]: Webhook handling patterns include mandatory HMAC verification through the
authenticate.webhook(request)utility provided by the official SDK, protecting against unauthorized data injection. - [SAFE]: The skill explicitly documents and enforces security requirements, such as GDPR compliance handlers and protected customer data access protocols.
- [SAFE]: Code examples include robust error handling and rate limiting logic, ensuring service stability and compliance with Shopify's platform policies.
Audit Metadata