Skills
skills/40rty-ai/shopify-admin-skills/url-redirect-audit/Gen Agent Trust Hub

url-redirect-audit

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed for read-only auditing of Shopify store redirects using the official Shopify Admin API. It does not perform any mutations or unauthorized data transfers.
  • [PROMPT_INJECTION]: The skill processes external data (redirect paths and targets) from the Shopify store. This represents a potential surface for indirect prompt injection, however, the skill's capabilities are limited to local CSV file creation and reporting.
  • Ingestion points: Shopify urlRedirects GraphQL query in SKILL.md.
  • Boundary markers: No explicit delimiters or warnings for embedded instructions are present in the processing flow.
  • Capability inventory: Local file writing (CSV) and GraphQL read-only queries.
  • Sanitization: The skill does not specify sanitization or escaping of the ingested redirect data.
  • [COMMAND_EXECUTION]: The prerequisites include a manual step for the user to authenticate via the Shopify CLI (shopify store auth), which is a standard and safe administrative procedure.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 04:14 AM