customer-spend-tier-tagger
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a well-defined administrative utility for Shopify users and contains no indicators of malicious intent or behavior.
- [COMMAND_EXECUTION]: Operational scope is limited to official Shopify GraphQL mutations and queries via the specified toolkit; no arbitrary or suspicious shell commands were detected.
- [DATA_EXPOSURE]: The skill accesses customer PII (names and emails) which is necessary for its segmentation purpose. This data is stored locally in a CSV file for the user's reference and is not exfiltrated to unauthorized external domains.
- [REMOTE_CODE_EXECUTION]: No evidence was found of remote code downloads, external package installations, or dynamic code execution patterns.
Audit Metadata