Skills
skills/getsentry/sentry-javascript/e2e/Gen Agent Trust Hub

e2e

Warn

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses user-supplied strings to construct shell commands, which can lead to arbitrary code execution if metacharacters are used.
  • Ingestion points: The user provides the <test-app-name> and optional --variant arguments in SKILL.md.
  • Boundary markers: There are no markers or delimiters used to separate user-provided data from the shell command context.
  • Capability inventory: The skill executes ls, yarn build, and yarn test:run, providing broad access to the local development environment.
  • Sanitization: The instructions do not direct the agent to validate the input against a whitelist or to escape shell metacharacters before command execution.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 28, 2026, 11:42 AM