query-events
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it is designed to ingest and interpret external data from Sentry logs, which are controlled by potentially untrusted application inputs.
- Ingestion points: The skill retrieves error messages, stack traces, user properties, and custom tags from Sentry projects using MCP tools.
- Boundary markers: The instructions do not specify the use of delimiters or clear boundaries to isolate the ingested Sentry data from the agent's operational logic.
- Capability inventory: The agent possesses the capability to query project-wide events, analyze patterns, and generate investigation recommendations based on the retrieved content.
- Sanitization: There is no evidence of content sanitization, validation, or filtering of the external data before it is processed by the model.
Audit Metadata