Security risk report for @forgecat/openai_skills_sentry v0.0.10
Source Integrity
Low
Profile is sourced from OpenAI's official skills repository (GitHub: openai/skills), a well-established and trusted upstream.
Metadata includes original commit hash and timestamp, enabling verification and traceability of the artifact.
Agent Intent
Low
Content describes legitimate read-only Sentry API operations (list issues, fetch events, retrieve details) with no instructions to manipulate the AI, exfiltrate data, or bypass security controls.
Documentation explicitly constrains operations to GET-only endpoints and read-only token scopes; no guidance poisoning or role hijacking present.
No instructions to reveal system prompts, read sensitive files, or install remote payloads.
Details
Evidence
Always use these endpoints (GET only): /api/0/projects/{org_slug}/{project_slug}/issues/, /api/0/issues/{issue_id}/, etc.
Never ask the user to paste the full token in chat. Ask them to set it locally and confirm when ready.
Never echo auth tokens.
Permissions
Low
Profile declares no tools or MCP servers; all operations are performed via a bundled Python script (`scripts/sentry_api.py`) that makes authenticated HTTP GET requests to the Sentry API.
Authority is narrowly scoped to read-only Sentry API queries matching the stated function (inspect issues, summarize errors, pull health data).
No shell execution, file mutation, or excessive agency requested.
Details
Evidence
Use `scripts/sentry_api.py` for deterministic API calls.
Always use these endpoints (GET only).
Defaults: org/project {your-org}/{your-project}, time range 24h, environment prod, limit 20 (max 50).
MCP Risk
Low
No MCP servers are defined in the profile.
All operations rely on a bundled, deterministic Python script with explicit API endpoint constraints and read-only semantics.