Skills
skills/shopify/shopify-ai-toolkit/shopify-polaris-app-home/Gen Agent Trust Hub

shopify-polaris-app-home

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's scripts (search_docs.mjs and validate.mjs) make network requests to shopify.dev to retrieve documentation data and send validation reports. These operations are performed against official vendor infrastructure.
  • [COMMAND_EXECUTION]: The skill requires the execution of local scripts via the bash tool to search documentation and run a virtual TypeScript environment for code validation. These commands are integral to the intended development workflow.
  • [DATA_EXFILTRATION]: The skill implements an instrumentation system that sends tool usage metrics and validation results to Shopify's servers. This behavior is explicitly documented in a privacy notice within the skill instructions, and it includes a configuration option for users to opt out.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 10:24 PM
Security Audit — agent-trust-hub — shopify-polaris-app-home