Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Shopify Runtime

v1.0.0

Use when the user wants direct Shopify runtime access through one configured store: inspect setup status, search Shopify docs, or execute JavaScript against...

by Mark Yan (@ypyf)

Install


Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ypyf/shopify-runtime.

Install the skill "Shopify Runtime" (ypyf/shopify-runtime) from ClawHub.
Skill page: https://clawhub.ai/ypyf/shopify-runtime
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: SHOPIFY_STORE_DOMAIN, SHOPIFY_CLIENT_ID, SHOPIFY_CLIENT_SECRET
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.


CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install shopify-runtime

ClawHub CLI


npx clawhub@latest install shopify-runtime

Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability

Name/description, declared env vars (SHOPIFY_STORE_DOMAIN, SHOPIFY_CLIENT_ID, SHOPIFY_CLIENT_SECRET), and included scripts align with providing direct programmatic access to a single Shopify store. One noteworthy implementation detail: the provider exchanges client_id + client_secret via a client_credentials-style POST to /admin/oauth/access_token; that grant is unusual for Shopify's common OAuth flows, so confirm this token-exchange matches your Shopify app model.

Instruction Scope

SKILL.md instructs running the bundled Node CLI to inspect status, search docs, or execute JS. The runtime enforces a blacklist of dangerous JS patterns (no process, globalThis, eval, fs, child_process, dynamic import, etc.) and executes user scripts in a VM-like sandbox. However, scripts can call provider.graphql/provider.request (intended to reach the configured store). You should verify provider.request is restricted to the target store domain (and not usable to reach arbitrary external endpoints) if you are concerned about exfiltration or cross-host requests.

Install Mechanism

No install spec is provided and the skill ships as code files (lib/, scripts/, references/). Nothing is downloaded from external URLs during install; the skill runs as a local Node script — this is low install risk. (Because it contains executable code, you should still review the included files before running.)

Credentials

The skill requests the expected Shopify inputs (store domain, client id, client secret) and marks the client secret as primaryEnv. The number and type of env vars are proportionate to the stated functionality; there are no unrelated secrets or config paths requested.

Persistence & Privilege

always is false and the skill does not request special system paths or other skills' credentials. It runs per-agent with injected environment variables; default autonomous invocation is allowed (platform default) but not a property of this skill that increases privilege beyond its declared scope.

Assessment

This skill appears internally coherent, but take these practical steps before installing or enabling it in production:

  • Verify the source/trustworthiness of the skill package (it has no homepage or known publisher). If you don't trust the author, don't supply secrets.
  • Confirm the token-exchange behavior matches your Shopify app: check that exchanging client_id + client_secret for an Admin token is acceptable for your app type and environment. If your org uses a different OAuth flow, do not reuse sensitive credentials here.
  • Audit shopify-provider.mjs (provider.request/provider.graphql) to ensure requests are restricted to the configured store domain and cannot be repointed to arbitrary external hosts (this is the main exfiltration risk when scripts can make network requests).
  • Run the skill against a non-production store first, and/or with a scoped test client secret with minimal scopes required for your tasks.
  • If you are uncomfortable with the agent invoking this skill autonomously, disable autonomous invocation or require explicit user invocation in OpenClaw configuration.

If you want, I can search the repository for any code paths that would permit requests to arbitrary domains or show the remainder of shopify-provider.mjs so you can review the request-building logic in detail.
Patterns worth reviewing

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

  • lib/runtime.mjs:70: Shell command execution detected (child_process).
  • lib/runtime.mjs:37: Environment variable access combined with network send.
  • lib/runtime.mjs:551: File read combined with network send (possible exfiltration).

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Env: SHOPIFY_STORE_DOMAIN, SHOPIFY_CLIENT_ID, SHOPIFY_CLIENT_SECRET
Primary env: SHOPIFY_CLIENT_SECRET
Latest: vk976zscd52cgxx26v7vfd9qb4s83bmtp
104 downloads
1 star
1 version
Updated 1mo ago
v1.0.0
License: MIT-0

Seller Runtime Toolkit

Use this skill when you need direct, scriptable access to one Shopify store from OpenClaw.

This skill complements seller-api-workflow. Keep the existing workflow skill for higher-level business asks. Use this skill when the task is explicitly about Shopify setup status, documentation search, script execution, or troubleshooting those surfaces.

This skill is self-contained. You can copy the entire shopify-runtime/ folder into an OpenClaw workspace/skills/ directory and run it there without the seller-assistant plugin repository beside it.

Quick Start

  • Configure the skill in OpenClaw instead of maintaining per-store profiles.
  • Set this skill's apiKey in OpenClaw. Because the skill declares primaryEnv: "SHOPIFY_CLIENT_SECRET", OpenClaw injects that value into SHOPIFY_CLIENT_SECRET for each agent run.
  • Set skills.entries."shopify-runtime".env.SHOPIFY_STORE_DOMAIN to your *.myshopify.com domain.
  • Set skills.entries."shopify-runtime".env.SHOPIFY_CLIENT_ID to your Shopify app client id.
  • Optionally set skills.entries."shopify-runtime".env.SHOPIFY_API_VERSION to override the default API version.
  • Run the bundled script with node.
  • Read references/shopify-provider.md when the request touches auth, scopes, orders, or write access.
  • Read references/runtime-contract.md when you need the output shape or command examples.

Example OpenClaw config:

{
  skills: {
    entries: {
      "shopify-runtime": {
        apiKey: { source: "env", provider: "default", id: "SHOPIFY_CLIENT_SECRET" },
        env: {
          SHOPIFY_STORE_DOMAIN: "your-store.myshopify.com",
          SHOPIFY_CLIENT_ID: "your_shopify_client_id",
          SHOPIFY_API_VERSION: "2026-01",
        },
      },
    },
  },
}

Auth And Scope Notes

  • This skill currently authenticates with Shopify by exchanging SHOPIFY_CLIENT_ID + SHOPIFY_CLIENT_SECRET for an Admin API access token. It does not use a pre-issued SHOPIFY_ACCESS_TOKEN.
  • This flow is intended for a Shopify app owned by the same organization as the target store and installed on that same store.
  • Read operations usually need matching Shopify Admin API scopes such as read_products, read_inventory, read_orders, or read_customers.
  • Write operations usually need the matching write scopes such as write_products, write_inventory, or write_orders.
  • Order access can still fail even with basic scopes: older orders may require read_all_orders, and protected customer data access may also still be required.

Capability Boundaries

  • Prefer Admin GraphQL for normal reads and writes. Use REST only when GraphQL is not the best fit.
  • --mode read blocks local REST writes and GraphQL mutations before the request is sent.
  • --mode write only removes the local read-only guard. Shopify still enforces the app's granted scopes.
  • status confirms local skill readiness, not that Shopify token exchange will succeed.

Commands

Inspect current setup

Use this when the user asks whether the skill is ready, which store it is pointed at, or which API version it will use.

node skills/shopify-runtime/scripts/seller-runtime.mjs status

Search provider and official docs

Use this before writing an API script from memory. Prefer provider notes and the narrowest matching official documentation entry.

node skills/shopify-runtime/scripts/seller-runtime.mjs search --query "orders graphql pagination"

Add --limit or --refresh when needed.

Execute JavaScript

Use this after you know the request shape. Default to --mode read. Only use --mode write when the user clearly asked for a write operation and the Shopify token should allow it.

cat <<'EOF' | node skills/shopify-runtime/scripts/seller-runtime.mjs execute --mode read
return await provider.graphql(`
  query {
    shop {
      name
    }
  }
`)
EOF

The script body should use provider.graphql(...) or provider.request(...). In this runtime, provider.graphql(...) returns the validated GraphQL data object directly. Prefer piping the script on stdin so you do not need temporary files. --script-file is still supported when a real file is more convenient.
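The scan report above asks you to verify that provider.request cannot be repointed away from the configured store, and the Capability Boundaries section describes --mode read as a local guard that blocks REST writes and GraphQL mutations before anything is sent. The following is an added example, not code from the shopify-runtime skill or from its shopify-provider.mjs, showing what such a guard looks like so you have a concrete reference to compare against the skill's own request-building logic when you audit it. The function names (authorizeRequest, graphqlRequest, isGraphqlMutation), the request and config object shapes, the sample store domain and the sample requests are all assumptions; the Admin GraphQL path /admin/api/<version>/graphql.json is Shopify's standard endpoint.

```javascript
// Added example, not part of the shopify-runtime skill. Models two local checks
// a reviewer should look for in the provider:
//   1. Host pinning: every request must resolve to the configured *.myshopify.com
//      store over https, so a script run via `execute` cannot send store data elsewhere.
//   2. Read mode: with mode "read", REST write methods and GraphQL mutations are
//      refused before sending; mode "write" only lifts this local guard and still
//      depends on the scopes Shopify granted the app.
// Names and object shapes are hypothetical; the real provider may differ.

const READ_ONLY_METHODS = new Set(["GET", "HEAD", "OPTIONS"]);

// Resolve a path or absolute URL against the store; accept only https and an exact
// host match. Absolute URLs to other hosts, protocol-relative URLs (//host/...),
// userinfo tricks (store@host) and explicit ports all yield a different host.
function resolveStoreUrl(target, storeDomain) {
  let url;
  try {
    url = new URL(String(target ?? ""), `https://${storeDomain}/`);
  } catch {
    return { ok: false, reason: "target is not a valid URL" };
  }
  if (url.protocol !== "https:") return { ok: false, reason: `scheme ${url.protocol} is not https:` };
  if (url.host !== storeDomain) return { ok: false, reason: `host ${url.host} is not ${storeDomain}` };
  return { ok: true, url: url.toString() };
}

// Report whether a GraphQL document declares a mutation or subscription operation
// at brace depth 0. Comments and string literals are skipped, so an argument such
// as query: "mutation" is not a false positive, while a real operation keyword
// cannot be hidden behind one.
function isGraphqlMutation(document) {
  const text = String(document);
  const n = text.length;
  let depth = 0;
  let i = 0;
  while (i < n) {
    const ch = text[i];
    if (ch === "#") {                                   // line comment
      while (i < n && text[i] !== "\n") i++;
    } else if (text.startsWith('"""', i)) {             // block string
      const end = text.indexOf('"""', i + 3);
      i = end === -1 ? n : end + 3;
    } else if (ch === '"') {                            // string literal
      i++;
      while (i < n && text[i] !== '"') i += text[i] === "\\" ? 2 : 1;
      i++;
    } else if (ch === "{") { depth++; i++; }
    else if (ch === "}") { depth--; i++; }
    else if (/[A-Za-z_]/.test(ch)) {                    // identifier or keyword
      let j = i;
      while (j < n && /[A-Za-z0-9_]/.test(text[j])) j++;
      const word = text.slice(i, j);
      if (depth === 0 && (word === "mutation" || word === "subscription")) return true;
      i = j;
    } else { i++; }
  }
  return false;
}

// Request object for an Admin GraphQL call (standard Shopify endpoint path).
function graphqlRequest(query, apiVersion) {
  return { target: `/admin/api/${apiVersion}/graphql.json`, method: "POST", graphql: query };
}

// Decide whether a request may be sent. req is { target, method?, graphql? };
// config is { storeDomain, mode } from SHOPIFY_STORE_DOMAIN and --mode.
// Returns { allowed: false, reason } or { allowed: true, url, method }; sends nothing.
function authorizeRequest(req, config) {
  const storeDomain = String(config.storeDomain ?? "").toLowerCase();
  if (!/^[a-z0-9-]+\.myshopify\.com$/.test(storeDomain)) {
    return { allowed: false, reason: "SHOPIFY_STORE_DOMAIN must be a bare *.myshopify.com host" };
  }
  const resolved = resolveStoreUrl(req.target, storeDomain);
  if (!resolved.ok) return { allowed: false, reason: resolved.reason };
  const method = String(req.method ?? "GET").toUpperCase();
  if (config.mode === "read") {
    if (req.graphql !== undefined) {
      if (isGraphqlMutation(req.graphql)) return { allowed: false, reason: "GraphQL mutation blocked in read mode" };
    } else if (!READ_ONLY_METHODS.has(method)) {
      return { allowed: false, reason: `REST ${method} blocked in read mode` };
    }
  } else if (config.mode !== "write") {
    return { allowed: false, reason: `unknown mode ${config.mode}` };
  }
  return { allowed: true, url: resolved.url, method };
}

// Constructed sample requests, as a script passed to `execute --mode read` might issue.
const SAMPLE_CONFIG = { storeDomain: "your-store.myshopify.com", mode: "read" };
const SAMPLE_MUTATION = 'mutation { productUpdate(input: { id: "gid://shopify/Product/1" }) { product { id } } }';
for (const req of [
  { target: "/admin/api/2026-01/products.json" },
  { target: "https://attacker.example/collect", method: "POST" },
  { target: "//attacker.example/collect" },
  { target: "/admin/api/2026-01/products.json", method: "DELETE" },
  graphqlRequest("query { shop { name } }", "2026-01"),
  graphqlRequest(SAMPLE_MUTATION, "2026-01"),
]) console.log(req.target, authorizeRequest(req, SAMPLE_CONFIG));
```

When auditing the real provider, the question to answer is whether its request path performs the equivalent of resolveStoreUrl on every call (including relative paths that a script could turn absolute) and whether the read-mode check sits in front of the send, not after it.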

Working Rules

  • This skill targets one configured Shopify store per agent run.
  • Search docs before inventing request shapes or filters from memory.
  • Keep execution scripts narrow and return concise structured objects instead of raw payloads when possible.
  • Treat requestSummary, rawResponses, and logs as execution evidence when you explain the outcome.
  • Read mode blocks REST write methods and GraphQL mutations locally. Write mode still depends on the Shopify token having matching Admin API access.
  • The runtime reads SHOPIFY_STORE_DOMAIN, SHOPIFY_CLIENT_ID, SHOPIFY_CLIENT_SECRET, and optional SHOPIFY_API_VERSION from the environment that OpenClaw injects for the skill run.
