sentry-sdk-upgrade
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands such as `cat`, `grep`, and `find` to identify installed Sentry packages and detect deprecated API patterns within the project's source code.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of updated Sentry SDK packages using standard package managers (`npm`, `yarn`, `pnpm`). All referenced external documentation and repositories point to official Sentry domains (`sentry.io`, `docs.sentry.io`) and the official `getsentry` GitHub organization, which are trusted vendor resources.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes project files (e.g., `package.json`, source code) which could contain malicious instructions.
  - Ingestion points: `package.json` and project source files (e.g., `*.ts`, `*.js`, `*.tsx`).
  - Boundary markers: No specific delimiters or boundary instructions are utilized when reading file content.
  - Capability inventory: The skill possesses capabilities to read files, perform pattern matching, and execute package management commands.
  - Sanitization: No explicit sanitization or filtering of file content is performed prior to the AI processing the code logic for migration advice.
Audit Metadata