from claude-code-plugins-plus-skills2,235
Register and handle Shopify webhook subscriptions (orders, products, GDPR hooks) with HMAC verification and async processing.
This skill provides clear, runnable patterns for registering Shopify webhook subscriptions (via GraphQL), verifying incoming webhook HMACs, and implementing mandatory GDPR webhook handlers required for App Store submission. It includes example code to register common topics (orders, products, customers), immediate 200 responses with asynchronous processing, and guidance on idempotency and error handling.
Use this skill when building or hardening a Shopify app that needs reliable webhook handling: setting up subscription registration, implementing secure HMAC verification, responding to GDPR data requests/redactions, and processing order/product events asynchronously. It is especially relevant when preparing an app for Shopify App Store review (GDPR hooks are mandatory).
Best suited for Claude Code / Node.js-focused agents and developer tooling that run or generate backend code (Claude Code, Copilot-style assistants).
Shopify webhook registration and GDPR compliance skill. Well-structured SKILL.md with clear steps, code snippets, and error handling table. References external files for detailed implementations. No bundled scripts — purely instructional. HMAC verification is correctly emphasized. The curl test example constructs HMAC properly using openssl. Slight deduction for unquoted $SHOPIFY_API_SECRET in curl example (shell injection risk in theory, though low practical impact).
Clean skill, no security concerns beyond minor unquoted var in example curl. References/ files not bundled so full implementation detail is unavailable for review. Useful for Shopify app developers but niche audience.
