sentry-cli
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides the official installation command for the Sentry CLI, which fetches a script from cli.sentry.dev and pipes it to a shell. The source is trusted, and this is the vendor-recommended installation method.
- [COMMAND_EXECUTION]: The skill makes extensive use of the sentry CLI binary to perform operations such as creating releases, managing issues, and querying performance data. This includes commands for diagnosing and fixing CLI configuration.
- [CREDENTIALS_UNSAFE]: The documentation includes commands like sentry auth token and sentry auth status --show-token, which are intended for managing authentication state but could expose secrets if executed without user oversight.
- [PROMPT_INJECTION]: The skill retrieves and processes external content from Sentry APIs (e.g., logs, issue descriptions, stack traces). This creates an attack surface for indirect prompt injection.
  1. Ingestion points: Data retrieved through commands like sentry issue view, sentry log list, and sentry trace view.
  2. Boundary markers: None explicitly defined.
  3. Capability inventory: Subprocess execution (sentry CLI), file system access, and network requests.
  4. Sanitization: Relies on agent internal filters.
Audit Metadata