skills/jeremylongshore/claude-code-plugins-plus-skills/sentry-advanced-troubleshooting/Gen Agent Trust Hub
sentry-advanced-troubleshooting
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill is granted 'Bash(cmd:*)' permissions, providing unrestricted access to the shell environment. This is intended for 'sentry-cli' usage and dependency auditing (e.g., 'npm list'), but the excessive scope allows for potentially dangerous system commands.
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it instructs the agent to ingest and analyze external application logs and CLI outputs which may contain malicious instructions.
- Ingestion points: Application logs, sentry-cli output, environment data.
- Boundary markers: None identified in instructions to separate data from instructions.
- Capability inventory: High-risk capabilities available including 'Bash', 'Write', and 'Edit'.
- Sanitization: No sanitization or verification of external log data is performed before processing.
- DATA_EXFILTRATION (LOW): The skill accesses the 'SENTRY_DSN' and performs network operations via Sentry SDK calls. The unrestricted 'Bash' tool could be misused to transmit sensitive environment variables or local files to external endpoints.
- REMOTE_CODE_EXECUTION (LOW): The skill utilizes a pattern of generating local TypeScript files (e.g., 'diagnostic.ts') and executing them. While based on local templates, this dynamic execution of generated code increases the attack surface.
Audit Metadata