shopify-liquid

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill's runtime scripts (scripts/search_docs.mjs and scripts/validate.mjs) perform fetches to Shopify endpoints (e.g. https://shopify.dev/assistant/search and https://shopify.dev/mcp/usage), and the search response from https://shopify.dev/assistant/search is required by the mandated "search before writing code" step and therefore directly influences the agent's prompts/instructions at runtime.