sentry-sdk-upgrade
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Employs standard system utilities (grep, find, cat) and package managers (npm, yarn, pnpm) to analyze project files and update dependencies. This behavior is consistent with the skill's primary purpose of SDK maintenance.
- [EXTERNAL_DOWNLOADS]: Downloads updated SDK packages and utilizes npx @sentry/wizard for guided migrations. These operations target official Sentry packages and tools managed by the vendor.
- [REMOTE_CODE_EXECUTION]: Executes the Sentry upgrade wizard and build commands (npm run build, npx tsc) to verify migration success. These actions are performed on local project code as part of a standard development workflow.
- [PROMPT_INJECTION]: The skill processes untrusted project source code and configuration files to identify deprecated patterns. While this constitutes an indirect injection surface, the logic is specifically constrained to identifying Sentry-related SDK patterns. Ingestion points: package.json, project source files. Capability inventory: file writing, shell command execution (npm install, npx tsc, build scripts). Sanitization: Absent. Boundary markers: Absent.
Audit Metadata