skill-scanner

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a security utility intended for auditing other skills. The identified malicious patterns are part of its detection logic and reference material, rather than being part of the skill's operational instructions.
  • [PROMPT_INJECTION]: The file references/prompt-injection-patterns.md contains numerous jailbreak and instruction override examples. These are used as detection signatures for the scanner and do not attempt to manipulate the current agent session.
  • [REMOTE_CODE_EXECUTION]: The references/dangerous-code-patterns.md and scripts/scan_skill.py files contain code fragments related to arbitrary execution and exfiltration. These are processed as static text for regex-based auditing and are not executed by the skill.
  • [COMMAND_EXECUTION]: The skill requires Bash permissions to execute its bundled Python-based scanner using the uv package manager. This use of the shell is legitimate and necessary for the tool's primary function.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 06:51 AM