sentry-sdk-skill-creator
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands such as ls, grep, and cat to identify the project's programming language and framework during the detection phase.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the official Sentry Wizard through npx @sentry/wizard@latest for automated project configuration. It also retrieves technical API details from official documentation on docs.sentry.io during the research phase. These operations are consistent with the skill's purpose and target verified vendor resources.
- [PROMPT_INJECTION]: The skill processes data from external web pages to generate SDK configuration instructions, representing a surface for indirect prompt injection. 1. Ingestion points: Technical details fetched from docs.sentry.io via the research tool. 2. Boundary markers: None explicitly defined. 3. Capability inventory: Command execution (npx, ls, cat, grep) and file writing to local history paths. 4. Sanitization: Relies on the agent's internal model reasoning.
Audit Metadata