shopify-hydrogen

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides standard architectural patterns and documentation for the Shopify Hydrogen framework. Analysis of the provided instructions and code snippets confirms they align with official developer guidelines.
  • [EXTERNAL_DOWNLOADS]: The skill fetches documentation and project templates from official Shopify domains (shopify.dev) and the @shopify NPM registry. These are well-known and trusted sources for the intended development tasks.
  • [COMMAND_EXECUTION]: Standard project initialization commands (shopify hydrogen init, npm create @shopify/hydrogen) are included. These are the recommended methods for starting new Hydrogen projects.
  • [CREDENTIALS_UNSAFE]: The skill promotes secure credential management by instructing the use of environment variables (e.g., env.PUBLIC_STOREFRONT_API_TOKEN) for Storefront API tokens rather than hardcoding secrets in source code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM
Security Audit — agent-trust-hub — shopify-hydrogen