Skills
skills/orcaqubits/agentic-commerce-skills-plugins/shopify-payments/Gen Agent Trust Hub

shopify-payments

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious instructions, obfuscation, or unauthorized access patterns were detected. The skill provides legitimate integration guidance for Shopify's payment and billing systems.
  • [INDIRECT_PROMPT_INJECTION]: The skill defines an attack surface by instructing the agent to ingest external data from the web.
  • Ingestion points: Official documentation retrieved from shopify.dev using WebSearch and WebFetch (SKILL.md).
  • Boundary markers: The skill instructs the agent to fetch content specifically from well-known and trusted domains.
  • Capability inventory: The environment allows usage of Bash, Write, Edit, Grep, and Glob (SKILL.md).
  • Sanitization: No explicit sanitization or escaping of the external documentation content is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM