sentry-svelte-sdk
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Probes the local filesystem using `ls`, `cat`, and `grep` to identify the project framework and existing configurations.
- [COMMAND_EXECUTION]: Inspects adjacent directories (`../backend`, `../server`, etc.) to suggest additional Sentry SDKs for cross-linking observability.
- [EXTERNAL_DOWNLOADS]: Recommends installing official Sentry npm packages such as `@sentry/sveltekit` and `@sentry/svelte`.
- [REMOTE_CODE_EXECUTION]: Suggests running `npx @sentry/wizard@latest`, which downloads and executes the official Sentry setup tool. This is a well-known service provided by the vendor.
- [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection, since the skill reads untrusted project files to determine configuration steps.
  - Ingestion points: Reads `package.json`, `svelte.config.js`, `vite.config.ts`, and files in parent directories like `go.mod` or `requirements.txt` (as seen in SKILL.md).
  - Boundary markers: No specific boundary markers or instructions to ignore embedded commands in the read files are present.
  - Capability inventory: Execution of shell commands (probing and installation) and code generation for critical configuration files (`hooks.server.ts`, `vite.config.ts`).
  - Sanitization: Content from the ingested files is used directly to drive the agent's logic without validation or escaping.
Audit Metadata