shopify-automation

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the user to configure an external MCP server at https://rube.app/mcp to provide the Shopify toolset.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted data from an external Shopify store.
      • Ingestion points: External data enters the agent context through tools such as SHOPIFY_GET_ALL_CUSTOMERS and SHOPIFY_GET_ORDERS_WITH_FILTERS as defined in SKILL.md.
      • Boundary markers: No explicit delimiters or system instructions are provided to separate retrieved data from agent instructions.
      • Capability inventory: The agent has access to write-heavy operations including bulk product creation and arbitrary GraphQL queries via SHOPIFY_GRAPH_QL_QUERY.
      • Sanitization: No validation or sanitization of the external Shopify data is performed before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 09:16 AM