shopify-admin-repeat-purchase-rate
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses personally identifiable information (PII) through the Shopify GraphQL API, specifically customer email addresses (`emailAddress`) and order history. This data is used to correlate repeat purchases and is exported to a local CSV file for the user. While this behavior is consistent with the skill's purpose, the access to PII should be noted.
- [PROMPT_INJECTION]: The skill processes data from external sources (Shopify API) and is therefore susceptible to indirect prompt injection.
  - Ingestion points: External data enters the context via the `customers:query` and `orders:query` operations in `SKILL.md`.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between data values (like product titles or customer notes) and instructions.
  - Capability inventory: The skill uses the `shopify-admin` toolkit to execute GraphQL queries but does not perform any destructive mutations or shell command executions beyond standard CLI usage.
  - Sanitization: No explicit sanitization or filtering of API response data is described before the data is processed or included in the final CSV/JSON output.
Audit Metadata