Starship
starship / search / appstle-subscriptions

Audit report

Appstle Subscriptions

Broad accessReach : broadSensitive Access

by Appstle Inc. · Subscriptions · Shopify App Store

Built for ShopifySubscriptionsv4.3.2
Risk level
Broad access
Executive summary

Appstle est devenu un acteur majeur des abonnements Shopify avec une note merchant exceptionnelle. Risque Medium standard pour la catégorie subscriptions.

Key insights

  • Abonnements + Build a Box + member portal.
  • Risque Medium, surface PII + paiement récurrent.
  • Built for Shopify. Note 4,9 sur 4 380 avis.
  • Éditeur US, actif depuis 2020.

Top findings

No critical or high findings detected.
Synthesis

Analysis summary

Appstle est devenu un acteur majeur des abonnements Shopify avec une note merchant exceptionnelle. Risque Medium standard pour la catégorie subscriptions.

Key insights
  • Abonnements + Build a Box + member portal.
  • Risque Medium, surface PII + paiement récurrent.
  • Built for Shopify. Note 4,9 sur 4 380 avis.
  • Éditeur US, actif depuis 2020.
  • Pas encore de SOC 2 publique mais GDPR conforme.

This section is available to signed-in users

Sign up free to unlock findings, data flow and theme code analysis for every Shopify app.

Get started
Permissions

OAuth scopes requested

These are the access permissions this app asks for during install. The sensitivity column reflects PII exposure and merchant impact.

read_customers
High

Identification abonné.

write_customers
High

Tags d'abonnement.

read_orders
Medium

Historique.

write_subscription_contracts
High

Gestion contrats.

write_themes
High

Widget PDP + portail.

This section is available to signed-in users

Sign up free to unlock findings, data flow and theme code analysis for every Shopify app.

Get started

This section is available to signed-in users

Sign up free to unlock findings, data flow and theme code analysis for every Shopify app.

Get started
Attack surface

Network surface

Primary domain
appstle.com
TLS grade
A
HSTS
Enabled
CSP
Enabled

TLS moderne, HSTS, CSP.

Posture

Compliance & certifications

GDPR webhooks Pass
SOC 2 Type II Fail
ISO 27001 Fail
PCI DSS Fail

GDPR webhooks. DPA sur demande. Pas de SOC 2 publique.

Privacy policy
Track record

Publisher reputation

Publisher
Appstle Inc.
Verified Shopify Partner
Yes
Years active
6
Other apps
5
Past incidents
No past incidents on record.
LLM exposure

AI / LLM usage

No LLM usage detected. This app does not appear to forward any customer or merchant data to large-language-model providers.