shopify-testing
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for running official
shopifyCLI commands (e.g.,theme check,app function run) and standard build/test scripts (npm run test). These are standard development operations performed in the local environment or CI/CD pipelines. - [EXTERNAL_DOWNLOADS]: Recommends using official GitHub Actions (
actions/checkout,actions/setup-node) and installing project dependencies vianpm ci. These resources are sourced from trusted, well-known providers. - [PROMPT_INJECTION]: The skill utilizes external documentation to guide the agent. Ingestion points: Fetches live documentation from
shopify.devusingWebSearchandWebFetchtools as specified inSKILL.md. Boundary markers: None are explicitly defined to isolate the fetched documentation from the agent's instructions. Capability inventory: The agent has access toBash,Write, andEdittools for implementing tests and project configurations. Sanitization: No explicit validation or sanitization of the fetched external documentation is performed before it is used to guide file modifications.
Audit Metadata