hydrogen-cookbooks
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The
SKILL.mdfile contains instructions to execute local scripts (scripts/search_shopify_docs.mjsandscripts/search_weaverse_docs.mjs) for documentation search purposes. These are part of the skill's utility tooling. - [EXTERNAL_DOWNLOADS]: The
weaverse-hydrogen-integration.mdreference guide instructs users to install the@weaverse/hydrogenpackage via standard package managers. This is a legitimate dependency provided by the vendor for the described integration. - [DATA_EXFILTRATION]: In
customer-account-api.md, the skill describes using the Shopify Hydrogen CLI's tunnel feature (--customer-account-push__unstable) to expose the local development server to a public domain (tryhydrogen.dev). This is a standard and documented Shopify development workflow required for testing Customer Account API callbacks. - [PROMPT_INJECTION]: Several reference files (e.g.,
bundles.md,combined-listings.md) use structural headers like<user_queries>and instructional framing ("This prompt describes how to implement...") to guide the AI's response behavior. These are standard patterns for cookbook-style skills and do not contain malicious bypass instructions.
Audit Metadata