sentry-ios-swift-setup

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill instructs the agent to download the sentry-cocoa SDK from https://github.com/getsentry/sentry-cocoa. While this is the official repository for a widely-used service, the organization getsentry is not included in the provided list of trusted GitHub organizations. The severity is reduced from MEDIUM to LOW because this action is the primary intended purpose of the skill.
  • [PROMPT_INJECTION] (LOW): The skill exhibits a surface for Indirect Prompt Injection (Category 8) by reading and processing local project files.
      • Ingestion points: Uses grep and ls to read content from Package.swift, Podfile, and local .swift source files.
      • Boundary markers: No explicit instructions are provided to the agent to ignore potentially malicious instructions embedded within the project files it reads.
      • Capability inventory: The skill allows the agent to use Write, Edit, and Bash tools, which could be exploited if the agent follows instructions found within analyzed project files.
      • Sanitization: No sanitization or validation of the file content is performed before processing.
  • [CREDENTIALS_UNSAFE] (SAFE): The skill correctly uses placeholders like YOUR_DSN_HERE and instructs the user to set environment variables or configuration values manually, avoiding hardcoded secrets.
  • [COMMAND_EXECUTION] (SAFE): The bash commands used (ls, grep) are restricted to project discovery and environment checks, which is appropriate for the skill's stated utility.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 04:27 AM