ypyf

Shopify Runtime

by Mark Yan · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Downloads 109
Stars 1
Active Installs 0
Versions 1
Install in OpenClaw
/install shopify-runtime
Description
Use when the user wants direct Shopify runtime access through one configured store: inspect setup status, search Shopify docs, or execute JavaScript against...
Usage Guidance
This skill appears internally coherent, but take these practical steps before installing or enabling it in production:
- Verify the source/trustworthiness of the skill package (it has no homepage or known publisher). If you don't trust the author, don't supply secrets.
- Confirm the token-exchange behavior matches your Shopify app: check that exchanging client_id + client_secret for an Admin token is acceptable for your app type and environment. If your org uses a different OAuth flow, do not reuse sensitive credentials here.
- Audit shopify-provider.mjs (provider.request/provider.graphql) to ensure requests are restricted to the configured store domain and cannot be repointed to arbitrary external hosts (this is the main exfiltration risk when scripts can make network requests).
- Run the skill against a non-production store first, and/or with a scoped test client secret with minimal scopes required for your tasks.
- If you are uncomfortable with the agent invoking this skill autonomously, disable autonomous invocation or require explicit user invocation in OpenClaw configuration.
If you want, I can search the repository for any code paths that would permit requests to arbitrary domains or show the remainder of shopify-provider.mjs so you can review the request-building logic in detail.
Capability Analysis
Type: OpenClaw Skill
Name: shopify-runtime
Version: 1.0.0
The skill provides a powerful 'execute' command that runs arbitrary JavaScript within a node:vm sandbox (lib/runtime.mjs). While it includes a blacklist of forbidden patterns (e.g., require, process, fs) and attempts to nullify global objects, node:vm is not a security boundary and is susceptible to sandbox escapes. This creates a high-risk surface for Remote Code Execution (RCE) on the agent's host if the agent is influenced by a prompt injection. However, the code appears professionally written for its stated purpose of Shopify management and lacks clear evidence of intentional malice or data exfiltration beyond the configured Shopify endpoints.
Capability Assessment
Purpose & Capability
Name/description, declared env vars (SHOPIFY_STORE_DOMAIN, SHOPIFY_CLIENT_ID, SHOPIFY_CLIENT_SECRET), and included scripts align with providing direct programmatic access to a single Shopify store. One noteworthy implementation detail: the provider exchanges client_id + client_secret via a client_credentials-style POST to /admin/oauth/access_token; that grant is unusual for Shopify's common OAuth flows, so confirm this token-exchange matches your Shopify app model.
Instruction Scope
SKILL.md instructs running the bundled Node CLI to inspect status, search docs, or execute JS. The runtime enforces a blacklist of dangerous JS patterns (no process, globalThis, eval, fs, child_process, dynamic import, etc.) and executes user scripts in a VM-like sandbox. However, scripts can call provider.graphql/provider.request (intended to reach the configured store). You should verify provider.request is restricted to the target store domain (and not usable to reach arbitrary external endpoints) if you are concerned about exfiltration or cross-host requests.
Install Mechanism
No install spec is provided and the skill ships as code files (lib/, scripts/, references/). Nothing is downloaded from external URLs during install; the skill runs as a local Node script — this is low install risk. (Because it contains executable code, you should still review the included files before running.)
Credentials
The skill requests the expected Shopify inputs (store domain, client id, client secret) and marks the client secret as primaryEnv. The number and type of env vars are proportionate to the stated functionality; there are no unrelated secrets or config paths requested.
Persistence & Privilege
always is false, and the skill does not request special system paths or other skills' credentials. It runs per-agent with injected environment variables. Autonomous invocation is allowed by default, but that is a platform default, not a property of this skill that increases privilege beyond its declared scope.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install shopify-runtime
  3. After installation, invoke the skill by name or use /shopify-runtime
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of shopify-runtime for direct Shopify runtime access, scripting, and store operations.
Metadata
Slug shopify-runtime
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Shopify Runtime?

Use when the user wants direct Shopify runtime access through one configured store: inspect setup status, search Shopify docs, or execute JavaScript against... It is an AI Agent Skill for Claude Code / OpenClaw, with 109 downloads so far.

How do I install Shopify Runtime?

Run "/install shopify-runtime" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Shopify Runtime free?

Yes, Shopify Runtime is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Shopify Runtime support?

Shopify Runtime is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Shopify Runtime?

It is built and maintained by Mark Yan (@ypyf); the current version is v1.0.0.
