Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The skill instructs users to create and export a long-lived Sentry auth token and immediately use it for CLI and API operations, but it does not warn about secure storage, shell history, scope minimization beyond a suggested set, or that requests send potentially sensitive project metadata to Sentry. In an agent context, this can normalize unsafe credential handling and increase the chance of accidental token exposure or overbroad data access.
