sentry
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Data Ingestion and Indirect Injection: The skill processes external error data from Sentry. Analysis of the mandatory evidence chain confirms: (1) Ingestion points: Sentry API responses are processed by `scripts/sentry_api.py`. (2) Boundary markers: `SKILL.md` instructs the agent to redact PII and never echo tokens. (3) Capability inventory: The skill is limited to read-only API requests (`urllib.request`) and does not have the ability to write to the filesystem or execute arbitrary system commands. (4) Sanitization: The script implements `redact_data` to filter emails and IP addresses from results.
- [SAFE]: Credential Management: Authentication is handled via a `SENTRY_AUTH_TOKEN` environment variable. The documentation includes clear instructions for users to set this variable locally and explicitly warns against sharing the token in the chat interface, minimizing the risk of credential exposure.
- [SAFE]: External Service Interaction: The skill performs network operations to `sentry.io`, which is a recognized, well-known observability service. The interactions are limited to standard API endpoints necessary for retrieving project health and event details.
Audit Metadata