shopify-developer
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of high-quality documentation and reference files. All code snippets are instructional and follow platform best practices.
- [PROMPT_INJECTION]: No malicious instructions designed to override agent behavior or bypass safety guardrails were found in the metadata or the markdown bodies.
- [CREDENTIALS_UNSAFE]: The documentation handles authentication correctly, using placeholders like 'shpat_...' for API tokens and recommending the use of environment variables (.env) for secret management.
- [EXTERNAL_DOWNLOADS]: References to external software are limited to official Shopify tools and industry-standard development packages from well-known registries. This includes official tools from Shopify and trusted integrations from Anthropic.
- [DATA_EXFILTRATION]: No suspicious network operations or unauthorized sensitive file access patterns were identified. The skill correctly directs traffic to official Shopify API endpoints.
Audit Metadata