Best Shopify Stores
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed PPSPY integration for finding Shopify stores, with no evidence of hidden or harmful behavior in the artifact.
Before installing, make sure you trust PPSPY and the `ppspy-mcp-server@1.0.1` npm package, since the skill installs and runs that package locally and passes it your PPSPY API key. Use a rotatable or limited API key if possible and monitor PPSPY credit usage after first use.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.