Skills
skills/getsentry/sentry-for-claude/sentry-code-review/Gen Agent Trust Hub

sentry-code-review

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is explicitly programmed to extract and execute instructions from an external source (GitHub PR comments) specifically labeled as 'Prompt for AI Agent'. 1. Ingestion points: The skill uses the 'gh' command via Bash and the 'WebFetch' tool to pull comment data from GitHub. 2. Boundary markers: No delimiters or instructions are used to separate external content from the agent's core logic. 3. Capability inventory: The skill has 'Bash', 'Edit', and 'Write' tools, enabling file modification and command execution based on the processed data. 4. Sanitization: There is no validation or filtering of the content within the 'Prompt for AI Agent' section.
  • [COMMAND_EXECUTION]: The skill uses the 'Bash' tool to run GitHub CLI commands ('gh api') for data retrieval.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes 'WebFetch' to download data from GitHub PR URLs.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 2, 2026, 12:56 PM