storefront-widget

[Skill Scanner] Credential file access detected All findings: [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] No explicit malware or backdoor code is present in the provided skill/document. The doc and code snippets are internally consistent with a storefront scripttag's purpose. The main security risk is operational: injecting a remote bundle from CDN_URL without recommending integrity checks, domain pinning, CSP guidance, or validation of window.APP_DATA allows a compromised CDN or attacker-controlled CDN_URL to run arbitrary code in merchants' storefronts and exfiltrate sensitive data. Recommend adding SRI, strict allowed CDN host guidance, CSP best-practices, and validation/least-privilege guidance for APP_DATA usage. LLM verification: Functionally the skill is coherent for building a tiny storefront widget: it appropriately uses window.APP_DATA, lightweight Preact, lazy loading, and a minimal loader. The primary security concern is the loader pattern that fetches and executes a remote bundle using an ambient CDN_URL. If CDN_URL or the hosting CDN is attacker-controlled or mutable, the skill becomes a high-risk supply-chain vector able to run arbitrary code in merchant and customer contexts and access sensitive page data. To b