shopify
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or security vulnerabilities were identified in the skill instructions or supporting scripts.
- [COMMAND_EXECUTION]: The script
scripts/shopify_init.pyexecutes the commandshopify versionusingsubprocess.run. This is a benign environment check to verify the presence of the Shopify CLI before proceeding with project scaffolding. - [EXTERNAL_DOWNLOADS]: The documentation guides users to install the official Shopify CLI using
npm. This follows standard developer workflows for a well-known service and targets trusted official packages. - [DATA_EXPOSURE]: The initialization script includes logic to load configuration from local
.envfiles. This is consistent with standard development practices for managing local environment variables and no exfiltration patterns were found.
Audit Metadata