sentry-setup-metrics

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] Benign. The fragment is a comprehensive, documentation-driven skill for configuring Sentry Metrics across platforms. It shows legitimate usage patterns, placeholder DSNs, and standard SDK version checks. No malicious behavior, no suspicious data flows beyond normal metric reporting to Sentry endpoints, and the scope is proportionate to the stated goal. LLM verification: This is an instructional skill that documents how to enable and use official Sentry metrics in supported runtimes. There is no evidence of malicious code or obfuscated payloads. Primary security concerns are operational: avoid hardcoding DSNs, do not send PII/secrets as metric attributes (use beforeSendMetric to scrub), and prefer pinned/package-version controls rather than unpinned 'latest' installs to reduce supply-chain risk. The content is safe to follow if practitioners apply standard secur