check-observability
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill executes shell scripts located outside its own directory at
~/.claude/skills/sentry-observability/scripts/detect_sentry.shandlist_alerts.sh. - Evidence: Found in
SKILL.mdunder sections 'Error Tracking Check' and 'Alerting Check'. Execution of scripts from external skill paths can lead to unexpected behavior if those dependencies are modified or malicious. - [DATA_EXFILTRATION] (MEDIUM): The skill accesses the sensitive
.env.localfile to verify the presence of credentials likeSENTRY_DSNandPOSTHOG_KEY. - Evidence:
grep -q "SENTRY_DSN|NEXT_PUBLIC_SENTRY_DSN" .env.localinSKILL.md. - Context: While this is a 'silent' check (grep -q) used for the primary purpose of an observability audit, direct access to environment files is a sensitive operation. Per the evaluation rules, this is downgraded from HIGH to MEDIUM as it is central to the skill's stated purpose.
- [REMOTE_CODE_EXECUTION] (SAFE): No remote code execution patterns (e.g., curl piped to bash) were detected. All commands are executed against local files.
- [PROMPT_INJECTION] (SAFE): No prompt injection or behavior override markers were detected in the instructions or metadata.
Audit Metadata