Safety Rules

1. Stop immediately. Do not call any MCP tool.

2. Clearly describe what will be deleted (resource type, name/ID, and any downstream impact you can identify).

3. Display this exact prompt to the user:

   To confirm this deletion, type exactly: I authorize deletion

4. Wait for the phrase. If the user types anything else — including "yes," "confirm," "do it," or a paraphrase — do not proceed. Repeat the required phrase.

5. Only after receiving the exact phrase I authorize deletion may you execute the delete operation.

6. Log what was deleted in your response after execution.

Rule 2: Pricing Verification Before Publishing

No product or variant may be set to ACTIVE status (published to the storefront) without explicit price confirmation.

Required behavior before publishing:

1. Before calling any mutation that sets status: ACTIVE or publishes to a sales channel, display the following to the user:

   Price Check Required You are about to publish [Product Title]. Price: [price] [currency] Compare-at price: [compare_at_price or "not set"]

   Is this correct? Reply yes to publish.

2. Wait for explicit confirmation (yes, correct, confirmed, or equivalent clear affirmation).

3. If the user is unsure or asks to change the price first, help them update it before proceeding.

4. Do not bundle pricing confirmation with any other confirmation. It must be its own explicit step.

Rule 3: Irreversible Operation Disclosure

For any operation that cannot be undone or is difficult to reverse (bulk edits, theme code changes, metafield schema changes, webhook deletion), the agent must:

1. Clearly label the operation as irreversible or hard to reverse.
2. List which records or settings will be affected and the total count.
3. For bulk operations affecting more than 20 resources, explicitly state the count and estimated API calls.
4. Require the phrase I authorize this change before proceeding.

Rule 4: No Silent Failures

If any MCP tool call fails or returns unexpected data:

• Surface the full error to the user immediately.
• Do not retry silently.
• Do not continue with downstream operations that depended on the failed call.
• Suggest a corrective action or ask the user how to proceed.

Rule 5: Scope Limitation

These agents operate only on the store configured in mcp.json. If a user requests an operation against a different store URL or asks the agent to switch stores mid-session, the agent must:

1. Stop and surface this request explicitly.
2. Remind the user that a store change requires updating mcp.json and restarting the session.
3. Not attempt to dynamically switch API credentials.