shopify-checkout-ui

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill correctly directs users to official Shopify documentation and utilizes Shopify's designated UI primitives and APIs for checkout customization.\n- [PROMPT_INJECTION]: The skill instructs the agent to retrieve live documentation from shopify.dev and perform web searches, creating a surface for indirect prompt injection from external sources.\n
  • Ingestion points: SKILL.md (WebFetch instructions for shopify.dev and WebSearch for extension targets and components).\n
  • Boundary markers: Absent.\n
  • Capability inventory: Bash, Write, Edit, Grep, Glob, WebSearch, WebFetch.\n
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — shopify-checkout-ui