Skills
skills/shopify/shopify-ai-toolkit/shopify-admin/Gen Agent Trust Hub

shopify-admin

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a bash tool to execute internal maintenance scripts (scripts/search_docs.mjs and scripts/validate.mjs) for searching documentation and validating generated GraphQL code blocks.
  • [EXTERNAL_DOWNLOADS]: The scripts/search_docs.mjs script performs network requests using fetch to shopify.dev to retrieve search results from the Shopify Assistant API.
  • [DATA_EXFILTRATION]: The skill includes an instrumentation layer that reports anonymized usage data (tool name, model ID, and result status) to shopify.dev. This is a documented feature for service improvement and includes a clear opt-out mechanism via the OPT_OUT_INSTRUMENTATION environment variable.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 04:12 PM
Security Audit — agent-trust-hub — shopify-admin