The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill is designed to process external project data (files, commits, release metadata) and possesses powerful execution capabilities, presenting an indirect injection surface. Evidence: 1. Ingestion points: The skill uses Read, Grep, and Glob tools to ingest repository content. 2. Boundary markers: No delimiters or warnings are provided to separate untrusted data from instructions. 3. Capability inventory: High-privilege tools including Bash, Write, and Edit are enabled for the agent. 4. Sanitization: Examples demonstrate direct interpolation of environment variables into shell commands without validation.
[Data Exposure & Exfiltration] (SAFE): The skill references sensitive configuration files such as .sentryclirc and sentry.properties, but it correctly uses placeholders (e.g., 'your-auth-token') instead of hardcoded secrets.

sentry-release-management