sentry-skill
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (CRITICAL): The skill executes a remote script by piping it directly to the shell using the command
curl -sL https://sentry.io/get-cli/ | bash. * Evidence: Automated scanner detected a piped remote code execution pattern targeting the URLhttps://sentry.io/get-cli/. * Trust Status: The domain sentry.io is not listed as a 'Trusted External Source' in the security policy. * Risk: Executing remote scripts without integrity verification or sourcing from whitelisted providers allows an external entity to run arbitrary commands on the agent's host environment.
Recommendations
- HIGH: Downloads and executes remote code from: https://sentry.io/get-cli/ - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata