sentry-nextjs-sdk
Pass
Audited by Gen Agent Trust Hub on May 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses standard shell commands (ls, cat, grep, find) for project discovery and environment detection. These are used to identify the Next.js version, router type, and existing configurations.
- [SAFE]: Remote code execution is limited to the official Sentry setup wizard (npx @sentry/wizard@latest), which is a well-known tool from the author (getsentry) for this purpose.
- [SAFE]: The skill follows security best practices for credential management, advising users to store sensitive tokens like SENTRY_AUTH_TOKEN in environment variables or CI secrets rather than hardcoding them.
- [SAFE]: AI Monitoring features (capturing LLM prompts and completions) are documented with clear PII (Personally Identifiable Information) warnings, and the documentation explains that such features are opt-in via the sendDefaultPii configuration.
- [SAFE]: All suggested dependencies (@sentry/nextjs, @sentry/profiling-node) are official Sentry SDK packages from a trusted vendor.
Audit Metadata