fix-sentry-issues
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of processing external, untrusted log data.
  - Ingestion points: Retrieves detailed error events, stack traces, and user context via `mcp__sentry__get_issue_details`, `mcp__sentry__search_issue_events`, and `axiom query` (SKILL.md).
  - Boundary markers: The instructions lack explicit delimiters or instructions to the AI to ignore instructions potentially embedded within retrieved log fields or URLs.
  - Capability inventory: The agent can perform significant actions including writing code, executing local tests via `bun run test`, managing git branches, and creating GitHub Pull Requests via `gh pr create`.
  - Sanitization: There is no documented mechanism to sanitize or validate the content of retrieved logs before processing them for analysis or fix generation.
- [COMMAND_EXECUTION]: The skill utilizes local shell commands to perform repository management and data retrieval.
  - Evidence: Uses `git` for version control, `axiom` for log querying, `gh` for GitHub CLI interactions, and `bun` for running project tests and linters. These tools are used in a manner consistent with the skill's stated purpose as a developer tool.
Audit Metadata