← Back to Skills Marketplace
Native Sentry
by
codeninja23
· GitHub ↗
· v1.0.1
594
Downloads
2
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install native-sentry
Description
Read Sentry issues, events, and production errors via the Sentry REST API. Use when the user wants to inspect errors, list recent issues, get stack traces, o...
Usage Guidance
This skill appears to do exactly what it says: read-only access to Sentry via the REST API. Before installing, confirm you provide a Sentry token with only read scopes (project:read, event:read, org:read). Be cautious if you override the base URL (SENTRY_BASE_URL or --base-url) because the token will be sent to that host — only point it at trusted Sentry instances. Avoid using --no-redact in shared or logged environments because it can expose PII and stack traces. If you need a higher assurance, review the included scripts/sentry_api.py yourself (it is small and uses only stdlib networking).
Capability Analysis
Type: OpenClaw Skill
Name: native-sentry
Version: 1.0.1
The skill bundle is classified as suspicious due to a potential shell injection vulnerability. While the `sentry_api.py` script itself employs good security practices like PII redaction, `argparse`, and `urlencode` to prevent injection within its own logic, the `SKILL.md` defines commands that take arguments (e.g., `ISSUE_ID`, `EVENT_ID`, `--query`) which, if directly interpolated from unsanitized user input by the OpenClaw agent into the bash command string, could lead to arbitrary shell command execution. This represents a significant vulnerability in the agent's interaction model with the skill, rather than intentional malice within the skill's code itself.
Capability Assessment
Purpose & Capability
Name/description, required binaries, declared primary env (SENTRY_AUTH_TOKEN) and included Python script all align with a read-only Sentry API helper. The script only implements listing issues, fetching events, and event/issue details — exactly what the description promises.
Instruction Scope
SKILL.md instructions restrict operations to HTTP reads against the configured Sentry base URL and only reference SENTRY_AUTH_TOKEN, SENTRY_ORG, SENTRY_PROJECT and optional SENTRY_BASE_URL. The instructions and script redaction behavior are explicit. Note: the skill allows disabling redaction (--no-redact) and supports overriding the base URL, which could result in tokens/data being sent to a non-Sentry host if misconfigured; the README and SKILL.md warn about PII exposure.
Install Mechanism
This is an instruction-only skill with a bundled pure-stdlib Python script; there is no install step that downloads external code or runs package managers. No risky install URLs or extract operations are present.
Credentials
Only SENTRY_AUTH_TOKEN is required (primary credential) and is appropriate for the stated read-only purpose. Optional environment variables (SENTRY_ORG, SENTRY_PROJECT, SENTRY_BASE_URL) are used for convenience; they are not required. The requested env access is proportional to the functionality.
Persistence & Privilege
The skill does not request always:true, has no install that persists to system locations beyond its own script, and does not modify other skills or system configs. Autonomous invocation is allowed by default (platform behavior) but is not combined with other privileged requests.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install native-sentry - After installation, invoke the skill by name or use
/native-sentry - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Hide SENTRY_AUTH_TOKEN and clarify PII warnings
v0.1.0
Initial release of native-sentry – read Sentry errors and issues via the REST API.
- Provides commands to list issues, get issue/event details, and summarize production health.
- Requires SENTRY_AUTH_TOKEN with read-only scopes (project:read, event:read, org:read).
- Supports filtering by project, org, environment, time range, and custom queries.
- Default PII redaction; stack traces optional.
- Self-hosted Sentry supported via `--base-url` or `SENTRY_BASE_URL`.
Metadata
Frequently Asked Questions
What is Native Sentry?
Read Sentry issues, events, and production errors via the Sentry REST API. Use when the user wants to inspect errors, list recent issues, get stack traces, o... It is an AI Agent Skill for Claude Code / OpenClaw, with 594 downloads so far.
How do I install Native Sentry?
Run "/install native-sentry" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Native Sentry free?
Yes, Native Sentry is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Native Sentry support?
Native Sentry is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Native Sentry?
It is built and maintained by codeninja23 (@codeninja23); the current version is v1.0.1.
More Skills