shopify-dev
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Node.js script (
scripts/search_docs.mjs) to handle documentation queries via the command line. - [EXTERNAL_DOWNLOADS]: The script performs network requests to
https://shopify.dev/assistant/searchto fetch documentation content. This targets the author's own official infrastructure. - [DATA_EXFILTRATION]: Usage telemetry, including search queries and retrieved results, is reported to
https://shopify.dev/mcp/usage. This behavior is typical for vendor-provided tools and can be opted out of by setting theOPT_OUT_INSTRUMENTATIONenvironment variable. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes external content from documentation searches without sanitization or boundary markers. However, since the source is a trusted vendor domain and the skill lacks dangerous capabilities like file-system writes or arbitrary command execution, this is a low-risk architectural observation.
- Ingestion points:
scripts/search_docs.mjsretrieves content from the Shopify developer API. - Boundary markers: Absent; documentation results are written directly to standard output.
- Capability inventory: Limited to network read operations and console output; no unsafe file or system access detected.
- Sanitization: No escaping or validation is performed on the incoming documentation text.
Audit Metadata