shopify-developer

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of high-quality documentation and reference files. All code snippets are instructional and follow platform best practices.
  • [PROMPT_INJECTION]: No malicious instructions designed to override agent behavior or bypass safety guardrails were found in the metadata or the markdown bodies.
  • [CREDENTIALS_UNSAFE]: The documentation handles authentication correctly, using placeholders like 'shpat_...' for API tokens and recommending the use of environment variables (.env) for secret management.
  • [EXTERNAL_DOWNLOADS]: References to external software are limited to official Shopify tools and industry-standard development packages from well-known registries. This includes official tools from Shopify and trusted integrations from Anthropic.
  • [DATA_EXFILTRATION]: No suspicious network operations or unauthorized sensitive file access patterns were identified. The skill correctly directs traffic to official Shopify API endpoints.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 08:48 AM
Security Audit — agent-trust-hub — shopify-developer