Sentry Issues

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Sentry issue helper that behaves as described, though detailed output can expose sensitive diagnostic data.

Install only if you are comfortable giving the agent read access to the Sentry projects covered by the token. Use a least-privilege token, prefer SENTRY_AUTH_TOKEN over passing tokens on the command line, and use --details only when authorized to view and share raw error-event data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill requires access to environment variables and the network to use a Sentry API token and call the Sentry API, but the skill file does not explicitly declare those capabilities or permissions. Hidden or undocumented capabilities weaken security review and policy enforcement because a user or runtime may not realize the skill can access secrets and transmit data externally.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill advertises retrieval of detailed Sentry event data such as full stack traces, tags, metadata, and browser/OS information without any warning that these fields may contain sensitive data. In practice, Sentry events can include PII, secrets, internal paths, request context, and user/device metadata, so encouraging broad retrieval without privacy guidance increases the risk of unnecessary exposure and mishandling.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
When --details is used, the script prints exception values, stack frames, frame context, breadcrumbs, tags, and event context directly to stdout. Sentry event payloads often contain secrets, PII, internal paths, request data, or session identifiers, so this can expose sensitive data in terminals, logs, CI output, or downstream agent transcripts.

VirusTotal

66/66 vendors flagged this skill as clean.
