sentry
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The skill contains multiple instances of the 'curl | bash' pattern, specifically referencing 'https://canifi.com/skills/sentry/install.sh' and 'https://canifi.com/install.sh'. This method executes unverified remote code with local user privileges, posing a severe security risk.
- [EXTERNAL_DOWNLOADS] (HIGH): The installation instructions rely on the domain 'canifi.com', which is not a trusted source. Executing code from unknown external sources is a primary vector for supply-chain attacks.
- [CREDENTIALS_UNSAFE] (MEDIUM): The documentation explicitly guides users to store sensitive credentials, including 'SERVICE_PASSWORD', in environment variables using 'canifi-env'. This practice exposes plain-text secrets to any local process or other agent skills that can access the environment.
- [COMMAND_EXECUTION] (HIGH): The skill prompts the user to execute shell commands that modify the local filesystem ('cp -r skills/sentry ~/.canifi/skills/') and environment configuration, increasing the attack surface.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/skills/sentry/install.sh, https://canifi.com/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata