sentry-issue

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly instructs the agent to read the Sentry token from ~/.sentryclirc and embed it into Authorization headers for curl requests, which requires handling and placing the secret verbatim in commands/requests (exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and parses Sentry issue and event data from third-party endpoints (e.g., the sentry.io API via sentry-cli / curl calls like "https://sentry.io/api/0/issues/<issue_id>/events/latest/"), which are user-generated/untrusted payloads (stacktraces, messages, request context) that the agent is expected to read and interpret.