shopify
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `curl` and `jq` to interact with the Shopify Admin REST API. While these are standard tools for this purpose, they execute shell commands directly on the host system.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. Malicious content within Shopify data (e.g., product titles, customer notes, or order details) could potentially influence the agent's behavior when processed.
  - Ingestion points: Data is retrieved via `curl` from the `$SHOPIFY_STORE_URL` endpoint.
  - Boundary markers: No explicit delimiters or warnings are present in the provided bash snippets to isolate data from instructions.
  - Capability inventory: The skill possesses the capability to execute shell commands (`curl`, `jq`) and read/write to the Shopify store.
  - Sanitization: The skill uses `jq` to parse and filter JSON fields, which provides some structural sanitization, but doesn't prevent natural language instructions within those fields from being interpreted by the LLM.
Audit Metadata