rm-sentry-issue-fixer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests untrusted Sentry event data (exception messages, breadcrumbs, request bodies, attachments) via MCP tools like get_issue_details, search_issue_events, get_event_attachment and analyze_issue_with_seer, and the SKILL.md workflow requires the agent to read and act on that data to determine fixes, so third-party (user-generated) content could indirectly inject instructions.