sentry
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Data Exposure & Exfiltration (SAFE): The skill correctly handles authentication by requiring a SENTRY_AUTH_TOKEN environment variable rather than hardcoding secrets. It proactively redacts PII (emails and IP addresses) from API responses using the redact_data function in scripts/sentry_api.py before displaying data to the user.
- Indirect Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection as it ingests untrusted data from Sentry issue titles and logs.
  - Ingestion points: Sentry API responses fetched via scripts/sentry_api.py (issue details, events, and stack traces).
  - Boundary markers: Absent; the agent is not explicitly instructed to ignore instructions embedded within the fetched observability data.
  - Capability inventory: The skill can perform network reads to sentry.io and execute the local bundled Python script.
  - Sanitization: While PII redaction is present, there is no sanitization or filtering of the content for prompt injection patterns.
- Command Execution (SAFE): The skill executes a bundled script (scripts/sentry_api.py) using structured arguments. It does not use shell interpolation of untrusted input or risky subprocess calls.
Audit Metadata