Back to skill

Security audit

Sentry Integration

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Sentry integration, but it gives an agent token-backed access to sensitive error data and production issue changes without strong approval or redaction guidance.

Install only if you intend to let the agent work with your Sentry account. Use a least-privilege token for the specific org/project, avoid exposing full event data unless needed, redact sensitive output before sharing it, and require explicit confirmation before any resolve, ignore, assign, bulk update, release finalization, deploy record, or source-map upload.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs users to create and export a long-lived Sentry auth token and immediately use it for CLI and API operations, but it does not warn about secure storage, shell history, scope minimization beyond a suggested set, or that requests send potentially sensitive project metadata to Sentry. In an agent context, this can normalize unsafe credential handling and increase the chance of accidental token exposure or overbroad data access.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documented workflow fetches full event payloads and stack traces, which often contain sensitive application data such as request metadata, usernames, file paths, tokens, or PII. Because the skill gives no warning or redaction guidance, an agent or user may retrieve and further expose sensitive incident data unnecessarily.

Missing User Warnings

Low
Confidence
90% confidence
Finding
These commands modify production issue state by resolving, ignoring, assigning, or bulk-updating issues, yet the skill does not clearly warn that they are state-changing actions. In an agent-driven workflow, this raises the risk of unintended operational changes that can suppress active incidents or alter triage ownership without sufficient confirmation.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.