Two services tuned for the Shopify stack. Card 1 stops your agent re-grepping sections/, snippets/, config/settings_schema.json on every turn; full Liquid + Dawn schema lives in the brain. Card 2 audits theme-app proxy script tags, app-block privilege escalation, Admin API scope leaks. Both Card 1 + Card 2 ship with first-class Liquid support (one of the 13 supported languages at v0.1).
You ask Claude Code: *"Add a quantity-selector to the product card."* It greps sections/main-product.liquid for the quantity input. Then it greps snippets/product-quantity.liquid. Then it re-reads config/settings_schema.json to find the cart-update mode. Then it asks you what theme settings are even relevant.
Every re-read costs tokens. Every re-grep is a stale lookup that ignores the structural map of which section includes which snippet, which settings keys gate which blocks, which app blocks the theme registers. The structural map exists in the theme; the agent just doesn't have a structured way to query it.
Card 1 ingests the full Liquid + Dawn schema into the brain. Sections, snippets, includes, settings, schemas, blocks: all queryable via the precision layer. Your agent calls preflight({target: "product-quantity"}) and gets every include + every caller + every setting that touches it. One call. $0.
Card 1's hooks fire on every Edit / Write in your theme repo. The code verification backing them knows:
- schema block of a section; preflight surfaces which other Liquid files read those settings, prevents removed-but-referenced setting keys.
- locales/en.default.json key; verify_no_fake_done catches the now-broken {{ 'foo.bar' | t }} in liquid files.
- { "type": "@app" } targets.

Shopify-specific findings the generic Red Team Audit picks up + escalates:
- <script> into the storefront via theme-app extension. If unsanitised customer / metafield data flows into that script, that's stored XSS reaching every storefront visitor. Card 2's Web/API perspective + AI/LLM perspective both flag this pattern.
- shop.metafields.* for "personalisation" but actually exfils PII to your server. Forgotten Attack Surface flags zombie blocks no longer in active templates but still registered in main-theme schema.
- read_orders for a feature you shipped, then deprecated the feature but kept the scope. Surface Drift Watch catches the scope-in-manifest-but-no-code-uses-it case.
- /apps/your-app/... proxy endpoint relies on Shopify-signed query params. Auth-bypass-finder verifies signature check happens before any state mutation.
- customer.token through every cart-mutation endpoint, flags any storage in localStorage without expiry.

Output: same as generic Card 2 (MITRE-mapped kill chains + PoC pseudocode + structural reachability evidence). Pairs with Shopify's own app review process; doesn't replace it.
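The app-proxy item above (signature check before any state mutation), as an added example that is not ArgosBrain's or Shopify's own code. It assumes Shopify's documented app-proxy scheme: hex HMAC-SHA256, keyed with the app secret, over the sorted `key=value` pairs with `signature` excluded. The handler, store, secret and sample parameters are hypothetical.

```javascript
const crypto = require("node:crypto");

// Constructed sample secret; a real app reads its API secret from configuration.
const SAMPLE_SECRET = "constructed-example-secret";

// Canonical form: drop `signature`, render each key as key=v1,v2,
// sort the pairs, and concatenate them with no separator.
function canonicalize(params) {
  const grouped = new Map();
  for (const [k, v] of params) {
    if (k === "signature") continue;
    grouped.set(k, [...(grouped.get(k) || []), v]);
  }
  return [...grouped].map(([k, vs]) => `${k}=${vs.join(",")}`).sort().join("");
}

function sign(params, secret) {
  return crypto.createHmac("sha256", secret).update(canonicalize(params)).digest("hex");
}

function verifyProxySignature(queryString, secret) {
  const params = new URLSearchParams(queryString);
  const given = Buffer.from(params.get("signature") || "", "utf8");
  const expected = Buffer.from(sign(params, secret), "utf8");
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  return given.length === expected.length && crypto.timingSafeEqual(given, expected);
}

// Hypothetical proxy handler: verification runs before any state mutation.
function handleProxyRequest(queryString, store, secret) {
  if (!verifyProxySignature(queryString, secret)) {
    return { status: 401, mutated: false };
  }
  const params = new URLSearchParams(queryString);
  store.set(params.get("shop"), params.get("note")); // mutation only after the check
  return { status: 200, mutated: true };
}

// Builds a signed query string for fixtures (constructed values only).
function signedQuery(pairs, secret) {
  const params = new URLSearchParams(pairs);
  params.append("signature", sign(params, secret));
  return params.toString();
}
```

A handler that writes to `store` before calling `verifyProxySignature`, or that compares signatures with `===`, is the ordering and comparison flaw this finding is about.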
The brain ingests:
- blocks/ + assets/ + extension.toml. App-block registrations parsed structurally.

```sh
curl -fsSL https://argosbrain.com/install.sh | sh
cd ~/my-shopify-theme
argosbrain init --install-config .
```
Detects your theme (presence of config/settings_schema.json or shopify.theme.toml) and tunes the Liquid backend. Same for Remix apps (shopify.app.toml). Restart your AI agent. Card 1 hooks fire on every Liquid edit. Type /argos-security to run Card 2.
Theme code (which often contains hardcoded brand copy + price logic + competitive theme structure) stays on your machine. No cloud round-trip during ingestion or retrieval. Solo + open-source themes free indefinitely. Agencies on Shopify Plus client work: talk to [email protected] about team tier pricing.