sentry-alerts-issues
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted data from Sentry issues while having access to powerful tools like Bash.
- Ingestion points: Untrusted data enters the agent context via the Sentry Issues API (
sentry.io/api/0/projects/{org}/{project}/issues/) as described in the API Integration section. - Boundary markers: There are no explicit instructions or delimiters present to warn the agent about potentially malicious instructions embedded in the retrieved issue data.
- Capability inventory: The skill is configured with broad capabilities, including
Bash,Write,Edit,Grep, andGlob, which increases the potential impact if an injection occurs. - Sanitization: The skill lacks any description of sanitization or validation mechanisms to filter or escape content retrieved from the Sentry API before it is processed by the agent.
Audit Metadata