Our browser client would help with tracing what network requests are being made by said apps since it would capture all network requests. However, Shopify may restrict what our browser client can do in your frontend store (I'm guessing that the 3rd party apps are added to a shop as iframes or are otherwise sandboxed).
> I'm guessing that the 3rd party apps are added to a shop as iframes or are otherwise sandboxed
I build Shopify apps, it depends on what kind of app it is, but if it’s on the storefront then it’s generally just injected through an async javascript script tag. They don’t do any iframes or sandboxing on the storefront, although they’re definitely moving toward more privacy-conscious APIs.
