sentry-otel-exporter-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and use public files from GitHub (e.g., the example config at https://raw.githubusercontent.com/... and release info via https://api.github.com/...), telling the agent to WebFetch the example config and base the collector configuration on that third‑party content, which could influence subsequent configuration and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs the runtime to download and run the OpenTelemetry Collector binary from GitHub releases (e.g. https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download//otelcol-contrib_.tar.gz) and also fetches live config templates from https://raw.githubusercontent.com/open-telemetry/opentelemetry-collector-contrib/main/exporter/sentryexporter/docs/example-config.yaml, so remote code/config is fetched and executed/used at runtime.