high-risk-order-tagger

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the user to perform authentication via the official Shopify CLI (shopify store auth). This is a standard and expected administrative procedure for Shopify store management.
  • [DATA_EXPOSURE]: The skill queries sensitive store data, including order details, pricing, and customer information (IDs, display names). This access is necessary for the stated purpose of fraud risk assessment and tagging.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from an external source (Shopify order and customer fields).
      • Ingestion points: Data enters the agent context via the orders GraphQL query in SKILL.md.
      • Boundary markers: None identified between external data and agent instructions.
      • Capability inventory: The skill performs write operations using tagsAdd and fulfillmentOrderHold mutations.
      • Sanitization: No specific sanitization or validation of the fetched data is described before it is processed or used in subsequent mutation inputs.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 04:14 AM