shopify-polaris-app-home

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's required runtime step calls scripts/search_docs.mjs which POSTs queries to https://shopify.dev/assistant/search (and the validation/instrumentation posts to https://shopify.dev/mcp/usage), so externally-fetched search/validation responses from https://shopify.dev/ are used at runtime to drive the agent's generated code and behavior.