ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sentry Cli

Sentry.io error monitoring via sentry-cli. Use when working with Sentry releases, source maps, dSYMs, events, or issue management. Covers authentication, release workflows, deploy tracking, and debug file uploads.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 1.5k · 1 current installs · 1 all-time installs
by@iAhmadZain
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description align with the SKILL.md: everything is about sentry-cli release management, sourcemaps, dSYMs, events, and CI integration. The commands and examples are coherent with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run sentry-cli commands that legitimately operate on releases, source maps, debug artifacts, and optionally local files (e.g., /var/log/app.log, Xcode DerivedData paths). These file references are expected for this domain but mean the agent may be instructed to read and upload local artifacts or logs — verify you are comfortable with that level of file access.
!
Install Mechanism
The skill has no formal install spec in registry (instruction-only) but the README suggests installing via brew, npm, or a direct download using curl -sL https://sentry.io/get-cli/ | bash. brew/npm are standard, but the curl|bash pattern is higher-risk (pipe-to-shell). The URL is an official sentry.io domain, which reduces suspicion, but a user should prefer vetted package installs or inspect the downloaded script before executing.
!
Credentials
Registry metadata declares no required env vars or primary credential, yet SKILL.md repeatedly references sensitive environment variables and config (.sentryclirc, SENTRY_AUTH_TOKEN, SENTRY_ORG, SENTRY_PROJECT). This is a mismatch: the skill will rely on sensitive tokens and org/project settings even though none are declared. Requesting SENTRY_AUTH_TOKEN is expected for sentry-cli, but the lack of declared required credentials and the skill's unknown source makes it important to check token scope and storage location before use.
Persistence & Privilege
The skill does not request always:true, has no install that writes persistent system-wide configuration beyond normal sentry-cli usage (it suggests storing tokens in .sentryclirc). It does not modify other skills or agent-wide settings in the provided instructions.
What to consider before installing
This SKILL.md is a legitimate how-to for sentry-cli, but take these precautions before installing or using it: 1) The skill metadata lists no source or homepage — verify the publisher before trusting it. 2) The instructions use sensitive values (SENTRY_AUTH_TOKEN, SENTRY_ORG, SENTRY_PROJECT) even though the registry did not declare required credentials — only provide a token with the minimum scope needed (prefer a CI-specific token), and avoid placing high-privilege tokens in global env. 3) Prefer installing sentry-cli via your platform's package manager (brew or npm) rather than blindly running curl | bash; if you must use the installer script, inspect it first. 4) Be aware the commands may read and upload local artifacts or logs (dSYMs, /var/log/app.log, build artifacts) — review what will be uploaded. 5) If you allow autonomous agent invocation, restrict when the skill can run and monitor token usage. If you want, request the skill author to declare required env vars and provide a verifiable homepage/source before proceeding.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.1
Download zip
latestvk979qywgj524ma874tn518mq7580jj3b

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Sentry CLI

Interact with Sentry.io for error monitoring, release management, and debug artifact uploads.

Installation

# macOS
brew install sentry-cli

# npm (cross-platform)
npm install -g @sentry/cli

# Direct download
curl -sL https://sentry.io/get-cli/ | bash

Authentication

# Interactive login (opens browser)
sentry-cli login

# Or set token directly
export SENTRY_AUTH_TOKEN="sntrys_..."

# Verify
sentry-cli info

Store tokens in .sentryclirc or environment:

[auth]
token=sntrys_...

[defaults]
org=my-org
project=my-project

Releases

Create & Finalize

# Create release (usually git SHA or version)
sentry-cli releases new "$VERSION"

# Associate commits (links errors to commits)
sentry-cli releases set-commits "$VERSION" --auto

# Finalize when deployed
sentry-cli releases finalize "$VERSION"

# One-liner for CI
sentry-cli releases new "$VERSION" --finalize

Deploys

# Mark release as deployed to an environment
sentry-cli releases deploys "$VERSION" new -e production
sentry-cli releases deploys "$VERSION" new -e staging

List Releases

sentry-cli releases list
sentry-cli releases info "$VERSION"

Source Maps

Upload source maps for JavaScript error deobfuscation:

# Upload all .js and .map files
sentry-cli sourcemaps upload ./dist --release="$VERSION"

# With URL prefix (match your deployed paths)
sentry-cli sourcemaps upload ./dist \
  --release="$VERSION" \
  --url-prefix="~/static/js"

# Validate before upload
sentry-cli sourcemaps explain ./dist/main.js.map

Inject Debug IDs (Recommended)

# Inject debug IDs into source files (modern approach)
sentry-cli sourcemaps inject ./dist
sentry-cli sourcemaps upload ./dist --release="$VERSION"

Debug Files (iOS/Android)

dSYMs (iOS)

# Upload dSYMs from Xcode archive
sentry-cli debug-files upload --include-sources path/to/dSYMs

# From derived data
sentry-cli debug-files upload ~/Library/Developer/Xcode/DerivedData/*/Build/Products/*/*.app.dSYM

ProGuard (Android)

sentry-cli upload-proguard mapping.txt --uuid="$UUID"

Check Debug Files

sentry-cli debug-files check path/to/file
sentry-cli debug-files list

Events & Issues

Send Test Event

sentry-cli send-event -m "Test error message"
sentry-cli send-event -m "Error" --logfile /var/log/app.log

Query Issues

# List unresolved issues
sentry-cli issues list

# Resolve an issue
sentry-cli issues resolve ISSUE_ID

# Mute/ignore
sentry-cli issues mute ISSUE_ID

Monitors (Cron)

# Wrap a cron job
sentry-cli monitors run my-cron-monitor -- /path/to/script.sh

# Manual check-ins
sentry-cli monitors check-in my-monitor --status ok
sentry-cli monitors check-in my-monitor --status error

CI/CD Integration

GitHub Actions

- name: Create Sentry Release
  uses: getsentry/action-release@v1
  env:
    SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
    SENTRY_ORG: my-org
    SENTRY_PROJECT: my-project
  with:
    environment: production
    sourcemaps: ./dist

Generic CI

export SENTRY_AUTH_TOKEN="$SENTRY_TOKEN"
export SENTRY_ORG="my-org"
export SENTRY_PROJECT="my-project"
VERSION=$(sentry-cli releases propose-version)

sentry-cli releases new "$VERSION" --finalize
sentry-cli releases set-commits "$VERSION" --auto
sentry-cli sourcemaps upload ./dist --release="$VERSION"
sentry-cli releases deploys "$VERSION" new -e production

Common Flags

FlagDescription
-o, --orgOrganization slug
-p, --projectProject slug
--auth-tokenOverride auth token
--log-leveldebug/info/warn/error
--quietSuppress output

Troubleshooting

# Check configuration
sentry-cli info

# Debug upload issues
sentry-cli --log-level=debug sourcemaps upload ./dist

# Validate source map
sentry-cli sourcemaps explain ./dist/main.js.map

# Check connectivity
sentry-cli send-event -m "test" --log-level=debug

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…