supply-chain-optimization-shopify
Pass
Audited by Gen Agent Trust Hub on May 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The HTML report generator (
scripts/report_html.py) references the Chart.js library from the jsDelivr CDN (https://cdn.jsdelivr.net/npm/chart.js). This is a well-known and trusted service for hosting legitimate open-source libraries. - [COMMAND_EXECUTION]: The skill includes Python scripts for calculating metrics and generating reports. These scripts use standard library functions to process numerical data and write local files (
report.md,report.html). They do not perform any privileged operations, network exfiltration, or arbitrary command execution. - [CREDENTIALS_UNSAFE]: The documentation mentions Shopify and ShipBob API keys but correctly uses placeholders (e.g.,
xxx) and instructs the user to set them as environment variables, which is a standard and safe practice for secret management.
Audit Metadata