sentry-create-alert
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill requires a Sentry organization authentication token with
alerts:writescope to perform its tasks. The token is provided by the user and is used to authorize API requests tosentry.iosubdomains. - [COMMAND_EXECUTION]: Uses
curlto interact with Sentry's REST API. Commands include GET, POST, PUT, and DELETE operations to manage alert workflows. - [DYNAMIC_EXECUTION]: Utilizes
python3 -cto parse JSON responses from Sentry's API. The Python scripts are short, hardcoded snippets used specifically for extracting IDs and names from structured data. - [EXTERNAL_DOWNLOADS]: Communicates with Sentry's official API endpoints (e.g.,
https://{region}.sentry.io/api/0/organizations/{org}/). These network operations are necessary for the skill's primary function and target the vendor's own infrastructure. - [INDIRECT_PROMPT_INJECTION]: The skill processes data fetched from the Sentry API (member emails, team names, integration keys). While this is an ingestion surface for external data, the data is handled using standard JSON parsing and used for identification purposes within the workflow.
Audit Metadata