shopify-functions

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch live documentation and I/O schemas from shopify.dev (Shopify's official developer portal) using WebFetch and WebSearch. These are well-known, trusted sources for development information and do not represent a security risk.
  • [COMMAND_EXECUTION]: The instructions include standard Shopify CLI commands such as shopify app function build and shopify app function run for building and testing extensions locally. These operations are aligned with the skill's primary purpose of Shopify app development.
  • [DATA_EXFILTRATION]: No sensitive file paths or credential patterns were identified. The network operations are limited to fetching documentation from the platform vendor.
  • [PROMPT_INJECTION]: The skill body consists of technical documentation and code templates. No patterns attempting to bypass agent safety filters or override system instructions were found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:50 PM
Security Audit — agent-trust-hub — shopify-functions