enable-shopify-cms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). At runtime, the skill’s required workflow queries Shopify metaobjects (metaobjects(type: "cms_homepage"/"cms_page")) via the Storefront API and then transforms the returned fields (including free-text like titles/descriptions and JSON sections) into LLM context for rendering; this is outsider-authored content from the Shopify store’s CMS (not authored by the operating user in the prompt), so it can include arbitrary free text.