Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Sentry Error Triage

v1.0.0

Sentry error tracking — list, triage, and resolve issues; manage releases and source maps via CLI and REST API.

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for charlie-morrison/sentry-error-triage.

Install the skill "Sentry Error Triage" (charlie-morrison/sentry-error-triage) from ClawHub.
Skill page: https://clawhub.ai/charlie-morrison/sentry-error-triage
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: sentry-cli
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install sentry-error-triage

ClawHub CLI

npx clawhub@latest install sentry-error-triage

Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (high confidence)

[!] Purpose & Capability

Name/description (Sentry triage) align with the actions shown (sentry-cli and Sentry REST API). However the registry metadata lists no required environment variables while the SKILL.md explicitly requires SENTRY_AUTH_TOKEN, SENTRY_ORG, and SENTRY_PROJECT — a clear mismatch between claimed requirements and the actual runtime needs.

[!] Instruction Scope

SKILL.md contains concrete CLI and curl commands for Sentry, which is expected, but it also instructs the agent to "read the file" when checking if an error is in code the agent can access. That directs the agent to read local repository files (arbitrary file I/O) to suggest fixes — scope-creep that should be explicit and limited, not implicit in prose. The instructions also reference env vars (SENTRY_AUTH_TOKEN, etc.) that are not declared in the skill's top-level requirements.

Install Mechanism

The skill is instruction-only (no install spec in the registry), but SKILL.md embeds install instructions recommending global npm or pip installs of sentry-cli. This is not itself malicious, but it's inconsistent with the registry's 'no install spec' claim and the instructions use global installs (npm -g / pip) which can affect the host environment. There is no download-from-arbitrary-URL pattern here.

[!] Credentials

The runtime requires a Sentry auth token and organization/project identifiers (reasonable for Sentry access), but the skill's declared requirements list no env vars or primary credential. The token requested in the docs should be declared explicitly in the metadata. Requiring an auth token is proportionate to the task, but the metadata omission is an important coherence/visibility problem.

Persistence & Privilege

always:false and default model-invocation behavior are used. The skill does not request permanent or elevated platform privileges. That said, because instructions ask the agent to read local files, you should control the agent's filesystem access when enabling the skill.

What to consider before installing

This skill appears to implement Sentry triage correctly, but there are a few red flags you should address before installing:

  1. The SKILL.md requires SENTRY_AUTH_TOKEN, SENTRY_ORG, and SENTRY_PROJECT, but the skill metadata does not declare these — assume the skill will need a Sentry token with the scopes it lists. Only provide a token with the minimum scopes and avoid long-lived or org-wide tokens if possible.
  2. The instructions tell the agent to read local code files to suggest fixes. If you enable this skill, limit the agent's filesystem access (run it in a repo-limited workspace or sandbox) so it can't read unrelated files.
  3. Installation guidance recommends global npm/pip installs; prefer installing sentry-cli from an official package manager in a controlled environment (or use a container/virtualenv) to avoid polluting system-wide binaries.
  4. Verify the skill author/origin before use — there is no homepage or publisher information.

If you need higher confidence, ask the publisher to update the skill metadata to explicitly declare required env vars and installation steps, or perform manual triage via your own Sentry CLI/REST scripts rather than granting the skill live access.
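
The mismatch the scan reports (SKILL.md uses SENTRY_AUTH_TOKEN, SENTRY_ORG and SENTRY_PROJECT while the registry metadata declares none) can be checked mechanically before install. This is an added example, not part of the skill or of the ClawHub scanner; the function names and the credential-name heuristic are assumptions, and the sample text is constructed from the skill's Setup and REST sections.

```bash
#!/usr/bin/env bash
# Added example: report environment variables that a SKILL.md needs but the
# registry metadata does not declare. Function names are hypothetical.

# Constructed sample shaped like the Setup and REST sections of this skill.
sample_skill_md() {
  cat <<'EOF'
export SENTRY_AUTH_TOKEN="sntrys_..."
export SENTRY_ORG="my-org"
export SENTRY_PROJECT="my-project"
sentry-cli releases finalize "$VERSION"
curl -s "https://sentry.io/api/0/issues/$ISSUE_ID/" -H "Authorization: Bearer $SENTRY_AUTH_TOKEN"
EOF
}

# required_env_vars: stdin = skill text. A variable counts as required when it
# is exported, or when it is expanded and its name looks like a credential
# (assumed heuristic). Per-call variables such as $VERSION are left out.
required_env_vars() {
  local text
  text=$(cat)
  {
    printf '%s\n' "$text" | grep -oE 'export[[:space:]]+[A-Z][A-Z0-9_]*' | awk '{print $2}'
    printf '%s\n' "$text" | grep -oE '\$\{?[A-Z][A-Z0-9_]*' | tr -d '${' \
      | grep -E 'TOKEN|SECRET|KEY|PASSWORD' || true
  } | sort -u
}

# undeclared_env_vars [DECLARED...]: stdin = skill text. Prints each required
# variable missing from the DECLARED list taken from the registry metadata.
undeclared_env_vars() {
  local declared=" $* " name
  required_env_vars | while read -r name; do
    case "$declared" in
      *" $name "*) ;;                 # declared: visible to the installer
      *) printf '%s\n' "$name" ;;     # used by the skill but not declared
    esac
  done
}

# The registry entry on this page declares no variables, so pass none.
sample_skill_md | undeclared_env_vars
```

An empty result means every variable the skill text relies on is visible in the metadata a reviewer sees at install time.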

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Bins: sentry-cli
latestvk9763hkfrq7cx3g1jypepvdpbd85nh68
38 downloads
0 stars
1 versions
Updated 1d ago
v1.0.0
MIT-0

Sentry Integration

Use sentry-cli and the Sentry REST API to monitor errors, triage issues, manage releases, and upload source maps.

Setup

# Install
npm i -g @sentry/cli
# — or —
pip install sentry-cli

# Auth (set once, used by all commands)
export SENTRY_AUTH_TOKEN="sntrys_..."   # Settings → Auth Tokens → Create
export SENTRY_ORG="my-org"
export SENTRY_PROJECT="my-project"

# Verify
sentry-cli info

Generate a token at sentry.io → Settings → Auth Tokens with scopes: project:read, project:releases, org:read, event:read.

CLI Commands

Releases

# Create a release (version from git); $VERSION is reused by the commands below
VERSION="$(sentry-cli releases propose-version)"
sentry-cli releases new "$VERSION"

# Set commits (auto-detect from git)
sentry-cli releases set-commits "$VERSION" --auto

# Finalize (marks release as deployed)
sentry-cli releases finalize "$VERSION"

# Create + finalize in one step
sentry-cli releases new "$VERSION" --finalize

# Record a deploy
sentry-cli deploys new -r "$VERSION" -e production

# List releases
sentry-cli releases list

Source Maps

# Upload source maps for a release
sentry-cli sourcemaps upload ./dist --release "$VERSION"

# With URL prefix (match hosted paths)
sentry-cli sourcemaps upload ./dist --release "$VERSION" --url-prefix "~/static/js"

# Validate before upload
sentry-cli sourcemaps explain --release "$VERSION" --org "$SENTRY_ORG" --project "$SENTRY_PROJECT"

Send Test Event

sentry-cli send-event -m "Test event from CLI"
sentry-cli send-event -m "Deploy check" -t environment:production -t release:1.0.0

Monitor (Cron Monitoring)

# Wrap a command — Sentry tracks if it runs and succeeds
sentry-cli monitors run <monitor-slug> -- <command>
sentry-cli monitors run backup-job -- ./run-backup.sh

REST API (for queries the CLI doesn't cover)

Base URL: https://sentry.io/api/0
Auth header: Authorization: Bearer $SENTRY_AUTH_TOKEN

List Issues

# All unresolved issues for a project
curl -s "https://sentry.io/api/0/projects/$SENTRY_ORG/$SENTRY_PROJECT/issues/?query=is:unresolved" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" | jq '.[].title'

# Organization-wide issues (sorted by last seen)
curl -s "https://sentry.io/api/0/organizations/$SENTRY_ORG/issues/?query=is:unresolved&sort=date" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" | jq '.[] | {id, title, count, lastSeen}'

# Filter by level, time, assignment
curl -s "https://sentry.io/api/0/organizations/$SENTRY_ORG/issues/?query=is:unresolved+level:error+lastSeen:>2d" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN"

Get Issue Details + Events

# Issue details
curl -s "https://sentry.io/api/0/issues/$ISSUE_ID/" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" | jq '{title, status, count, firstSeen, lastSeen}'

# Latest events for an issue (stack traces, breadcrumbs)
curl -s "https://sentry.io/api/0/issues/$ISSUE_ID/events/?full=true" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" | jq '.[0].entries'

Resolve / Ignore Issues

# Resolve
curl -s "https://sentry.io/api/0/issues/$ISSUE_ID/" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
  -X PUT -H "Content-Type: application/json" \
  -d '{"status": "resolved"}'

# Resolve in next release
curl -s "https://sentry.io/api/0/issues/$ISSUE_ID/" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
  -X PUT -H "Content-Type: application/json" \
  -d '{"status": "resolvedInNextRelease"}'

# Ignore for 24 hours
curl -s "https://sentry.io/api/0/issues/$ISSUE_ID/" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
  -X PUT -H "Content-Type: application/json" \
  -d '{"status": "ignored", "statusDetails": {"ignoreDuration": 1440}}'

# Assign to team member
curl -s "https://sentry.io/api/0/issues/$ISSUE_ID/" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
  -X PUT -H "Content-Type: application/json" \
  -d '{"assignedTo": "user@example.com"}'

Bulk Resolve

# Resolve multiple issues at once
curl -s "https://sentry.io/api/0/projects/$SENTRY_ORG/$SENTRY_PROJECT/issues/" \
  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
  -X PUT -H "Content-Type: application/json" \
  -d '{"id": ["123","456","789"], "status": "resolved"}'

Triage Workflow

When asked to check or triage Sentry errors:

  1. List unresolved issues sorted by frequency: query=is:unresolved&sort=freq
  2. For the top issues, fetch latest event with full stack trace
  3. Analyze the stack trace — identify the failing function, file, and line
  4. Check if the error is in code the agent can access (read the file, suggest a fix)
  5. Classify: critical (data loss, crash), high (user-facing errors), medium (degraded experience), low (cosmetic, logs)
  6. Resolve issues that have confirmed fixes deployed; ignore transient errors
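
Step 4 has the agent open local files named in a stack trace, which is the scope concern the scan raises. One way to keep those reads inside a single checkout, as an added example that is not part of the skill: the function name resolve_in_workspace and the demo layout are assumptions, and realpath from coreutils is assumed to be installed.

```bash
#!/usr/bin/env bash
# Added example (not from the skill): confine "read the file" in triage step 4
# to one repository checkout. Function name and layout are hypothetical.

# resolve_in_workspace WORKSPACE FRAME_PATH
# Prints the canonical path if FRAME_PATH (taken from a Sentry stack frame)
# resolves to a regular file inside WORKSPACE; returns 1 otherwise.
resolve_in_workspace() {
  local root target
  root=$(cd -- "$1" 2>/dev/null && pwd -P) || return 1
  # Frames carry absolute paths or paths relative to the project root.
  case "$2" in
    /*) target=$2 ;;
    *)  target=$root/$2 ;;
  esac
  # realpath follows symlinks and collapses ".." before the prefix check,
  # so neither can be used to step outside the checkout.
  target=$(realpath "$target" 2>/dev/null) || return 1
  [ -f "$target" ] || return 1
  case "$target" in
    "$root"/*) printf '%s\n' "$target" ;;
    *) return 1 ;;
  esac
}

# Constructed demo: a throwaway checkout plus a file outside it.
demo() {
  local ws out frame
  ws=$(mktemp -d) && out=$(mktemp -d) || return 1
  mkdir -p "$ws/src" && echo 'export default 1' > "$ws/src/app.js"
  echo 'not for the agent' > "$out/notes.txt"
  ln -s "$out/notes.txt" "$ws/src/link.js"
  for frame in src/app.js "$out/notes.txt" src/link.js "src/../../${out##*/}/notes.txt"; do
    if resolve_in_workspace "$ws" "$frame" >/dev/null; then
      echo "allow  $frame"
    else
      echo "deny   $frame"
    fi
  done
  rm -rf "$ws" "$out"
}
demo
```

Only the first frame is allowed; the absolute path, the symlink and the ".." path all resolve outside the checkout and are denied.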

Notes

  • Self-hosted Sentry: replace sentry.io with your instance URL
  • Rate limits: 40 requests/min for free tier, respect Retry-After headers
  • The CLI respects .sentryclirc files for project-level config
  • Use --log-level debug on any CLI command for troubleshooting
