Compétences shopify-development
📦

shopify-development

Risque faible ⚙️ Commandes externes🌐 Accès réseau🔑 Variables d’environnement📁 Accès au système de fichiers

Build Shopify Apps, Extensions, and Themes

Shopify development requires mastering multiple technologies: OAuth authentication, GraphQL APIs, Liquid templating, and Polaris UI components. This skill provides validated code patterns, CLI workflows, and API integration guides to accelerate your Shopify projects.

Prend en charge: Claude Codex Code(CC)
🥇 82 Or
1

Télécharger le ZIP du skill

2

Importer dans Claude

Allez dans Paramètres → Capacités → Skills → Importer un skill

3

Activez et commencez à utiliser

Tester

Utilisation de "shopify-development". Create a product query with pagination

Résultat attendu:

  • query GetProducts($first: Int!, $after: String) {
  • products(first: $first, after: $after) {
  • edges {
  • node {
  • id
  • title
  • variants(first: 10) {
  • edges {
  • node {
  • id
  • price
  • inventoryQuantity
  • selectedOptions {
  • name
  • value
  • }
  • }
  • }
  • }
  • }
  • }
  • pageInfo {
  • hasNextPage
  • endCursor
  • }
  • }
  • }

Utilisation de "shopify-development". Liquid template for product page

Résultat attendu:

  • {% comment %} Product template with sections {% endcomment %}
  • {% section 'product-hero' %}
  • <div class="product-hero">
  • <h1>{{ product.title }}</h1>
  • <p class="price">{{ product.selected_or_first_available_variant.price | money }}</p>
  • {% form 'product', product %}
  • <select name="id">
  • {% for variant in product.variants %}
  • <option value="{{ variant.id }}">{{ variant.title }}</option>
  • {% endfor %}
  • </select>
  • <button type="submit">Add to Cart</button>
  • {% endform %}
  • </div>
  • {% endsection %}

Audit de sécurité

Risque faible
v1 • 2/25/2026

Static analyzer flagged 553 potential issues, but evaluation confirms these are FALSE POSITIVES for legitimate Shopify development patterns. External commands are Shopify CLI tooling (shopify app/theme init, dev, deploy). Network calls target official Shopify domains (shopify.dev, myshopify.com). Environment access stores standard API credentials (SHOPIFY_API_KEY, SHOPIFY_API_SECRET). The skill follows Shopify best practices with OAuth CSRF protection and secure credential handling. Low risk due to legitimate development tooling usage.

10
Fichiers analysés
3,388
Lignes analysées
7
résultats
1
Total des audits
Problèmes à risque faible (3)
SKILL.md:46-74scripts/shopify_init.py:296-306
External Command Execution - Shopify CLI
The skill executes Shopify CLI commands via subprocess. These are legitimate development tooling commands (shopify app init, shopify theme dev) but represent external code execution.
references/app-development.md:12-72scripts/shopify_graphql.py:70
Network Access - Shopify API Endpoints
The skill makes HTTP requests to Shopify domains (myshopify.com, shopify.dev) for OAuth authentication and GraphQL API operations.
references/app-development.md:48-49scripts/shopify_init.py:21-22
Environment Variable Access - API Credentials
The skill reads environment variables for Shopify API credentials (SHOPIFY_API_KEY, SHOPIFY_API_SECRET). This is standard practice but requires secure environment configuration.

Facteurs de risque

⚙️ Commandes externes (2)
SKILL.md:46-74 scripts/shopify_init.py:296-306
🌐 Accès réseau (2)
references/app-development.md:12-72 scripts/shopify_graphql.py:70
🔑 Variables d’environnement (2)
references/app-development.md:48-49 scripts/shopify_init.py:21-22
📁 Accès au système de fichiers (1)
scripts/shopify_init.py:68-101
Audité par: claude

Score de qualité

82
Architecture
100
Maintenabilité
87
Contenu
50
Communauté
84
Sécurité
91
Conformité aux spécifications

Ce que vous pouvez construire

E-commerce Merchant Building Custom Tools

Create apps to automate inventory management, generate custom reports, or integrate third-party services like shipping providers.

Agency Developer Building Client Solutions

Rapidly scaffold client projects with checkout customizations, admin extensions, and theme modifications using proven patterns.

Indie Developer Launching Shopify Apps

Build and monetize apps using billing integration, webhooks, and Shopify Functions for the Shopify App Store.

Essayez ces prompts

Initialize a New Shopify App 
Create a new Shopify app with Node.js and React using the Shopify CLI. Include OAuth authentication, GraphQL API client setup, and basic product listing page. Configure access scopes for reading products and orders.
Build a Checkout UI Extension 
Generate a checkout UI extension that adds a custom discount code field and gift message input. Use Polaris components and the checkout extension API. Include TypeScript types and example localization strings.
Create GraphQL Query for Products 
Write a GraphQL query to fetch products with variants, images, and metafields. Include cursor-based pagination and filter by collection. Validate against Shopify Admin API 2026-01 schema.
Implement Webhook Handler 
Create a webhook handler for order creation events. Verify HMAC signature, parse the webhook payload, and trigger a fulfillment workflow. Include error handling and retry logic for failed deliveries.

Bonnes pratiques

  • Always verify OAuth state parameter to prevent CSRF attacks during app installation
  • Use cursor-based pagination for GraphQL queries to handle large datasets efficiently
  • Store API credentials in environment variables, never commit secrets to version control
  • Implement webhook signature verification using HMAC-SHA256 for all webhook handlers
  • Follow Polaris design system for consistent UI across Shopify admin extensions

Éviter

  • Hardcoding API credentials or access tokens directly in source code files
  • Making unauthenticated GraphQL requests without proper OAuth token exchange
  • Ignoring rate limit headers (X-Shopify-Shop-Domain) and query cost in API responses
  • Using REST API when GraphQL provides more efficient batch operations
  • Skipping webhook HMAC verification which allows malicious webhook injection

Foire aux questions

What Shopify API version does this skill support?
This skill uses Shopify Admin API 2026-01. GraphQL queries and mutations are validated against this version. Shopify releases new API versions quarterly with 12-month support windows.
Do I need a Shopify Partner account to use this skill?
Yes, you need a free Shopify Partner account to create development stores, register apps, and access the Partner Dashboard for app submission and billing configuration.
Can this skill help with Shopify Plus features?
Yes, the skill covers Shopify Plus features including checkout extensions, Shopify Functions for custom discounts and delivery rules, and B2B functionality on the Plus plan.
How do I test my app before publishing to the App Store?
Use a development store from your Partner Dashboard to test apps locally with 'shopify app dev'. Test on multiple store types and use the Shopify App Review checklist before submission.
What is the difference between app extensions and theme extensions?
App extensions add functionality to Shopify admin or checkout (backend logic). Theme extensions modify storefront appearance using Liquid (frontend UI). Many projects require both working together.
How does billing work for Shopify apps?
Shopify handles billing through the Billing API. You can charge one-time fees, recurring subscriptions, or usage-based pricing. Shopify takes a revenue share and handles payment processing.

Détails du développeur

Auteur

sickn33

Licence

MIT

Dépôt

https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/shopify-development

Réf

main

Structure de fichiers

📁 references/

📄 app-development.md

📄 extensions.md

📄 themes.md

📁 scripts/

📁 tests/

📄 test_shopify_init.py

📄 requirements.txt

📄 shopify_graphql.py

📄 shopify_init.py

📄 README.md

📄 SKILL.md