shopify-polaris-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to override behavior or bypass safety guidelines were detected.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file access, network operations, or hardcoded credentials detected.
- [Obfuscation] (SAFE): No hidden or encoded content was found.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): References standard, trusted Shopify libraries. No remote execution patterns detected.
- [Privilege Escalation] (SAFE): No commands for elevating permissions or accessing system files were found.
- [Persistence Mechanisms] (SAFE): No attempts to create persistent access were detected.
- [Metadata Poisoning] (SAFE): Metadata is descriptive and consistent with the skill's purpose.
- [Indirect Prompt Injection] (SAFE): No untrusted data ingestion surfaces were identified.
- [Time-Delayed / Conditional Attacks] (SAFE): No logic gating behavior based on time or conditions was found.
- [Dynamic Execution] (SAFE): No dynamic code generation or unsafe deserialization patterns were detected.
Audit Metadata