shopify-setup
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@shopify/clipackage via npm. This is an official development tool provided by Shopify, a well-known service provider. - [CREDENTIALS_UNSAFE]: The skill guides the user through the creation of Admin API access tokens. It incorporates security best practices by instructing the user to store these tokens in local environment files (e.g.,
.dev.vars) and explicitly checking that such files are listed in.gitignoreto prevent accidental data exposure. - [COMMAND_EXECUTION]: The skill uses standard CLI commands for package installation, Shopify authentication, and API verification via
curl. These operations are transparent and consistent with the stated purpose of store management.
Audit Metadata