sentry-otel-exporter-setup
Warn
Audited by Snyk on Mar 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and use live content from public GitHub endpoints (e.g., the GitHub API curl in Step 2 and raw.githubusercontent.com example-config.yaml/spec.md in Step 4) which are open third‑party sources that the agent will read and act on to build configs and choose versions, allowing injected instructions to influence behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly runs runtime fetches of remote executable code (curl to download the otelcol-contrib tarball from GitHub releases: https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download/v<numeric_version>/otelcol-contrib_<numeric_version>.tar.gz and/or docker pull otel/opentelemetry-collector-contrib:<numeric_version>), which retrieves code that will be executed and is a required dependency.
Issues (2)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).