shopify-custom-data
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions intended to override other information sources, specifically: 'the instructions here should be followed VERY CLOSELY and TAKE PRECEDENCE!'. This pattern is used to force the agent to ignore conflicting guidelines.
- [COMMAND_EXECUTION]: The skill references and encourages the use of various Shopify CLI commands, including
shopify app init,shopify app dev, andshopify app deploy. While these are legitimate vendor tools, they involve shell command execution.
Audit Metadata