sentry-react-native-sdk
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard shell commands like
grep,cat,ls, andfindto analyze the local project structure and detect configuration files (e.g.,package.json,app.json). these are used strictly for environment discovery to provide relevant setup advice. - [EXTERNAL_DOWNLOADS]: The instructions guide the agent to install official Sentry packages and React Native dependencies from the NPM registry. These are well-known, trusted sources associated with the skill's stated vendor, Sentry.
- [REMOTE_CODE_EXECUTION]: The skill executes the official Sentry wizard via
npx @sentry/wizard@latest. This is a vendor-provided tool designed for automated project configuration and is consistent with the skill's primary purpose. - [CREDENTIALS_UNSAFE]: No hardcoded secrets were found. The skill uses placeholders for sensitive values (e.g.,
YOUR_SENTRY_DSN) and explicitly provides best-practice security advice, such as addingSENTRY_AUTH_TOKENto.gitignoreand using CI secrets for native builds. - [DATA_EXFILTRATION]: The skill configures an error monitoring and performance tracking service (Sentry). The documentation includes extensive sections on privacy, specifically detailing how to mask PII (Personally Identifiable Information) when using features like Session Replay.
Audit Metadata