optimize-shopify-alt-text

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements secure credential management by instructing the agent to store Shopify Admin API tokens in a local skill-hub.env file. It further automates the addition of this file to .gitignore to prevent accidental credential leakage to version control systems.
  • [COMMAND_EXECUTION]: The bundled Node.js helper script (scripts/shopify-alt-text-admin.mjs) uses child_process.execFile to interact with the Shopify CLI and npm. This execution is properly scoped to the skill's purpose, such as checking connection status and deploying app configurations for API access.
  • [EXTERNAL_DOWNLOADS]: The skill downloads images from Shopify's official Content Delivery Network (CDN) to a temporary system directory for visual analysis. The instructions include strict requirements for immediate cleanup of these temporary files after use.
  • [PROMPT_INJECTION]: The skill contains robust instructional guardrails (labeled as "Non-Negotiables") that prevent the agent from misrepresenting its visual capabilities or bypassing safety checks. It requires a visual probe with pixel-derived evidence before claiming multimodal understanding, reducing the risk of the model being manipulated into generating low-quality or hallucinated content.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 05:16 AM