Skip to content

feat: Add similar-sdks skill#51

Open
adinauer wants to merge 3 commits intofeat/local-repo-skillfrom
feat/similar-sdks-skill
Open

feat: Add similar-sdks skill#51
adinauer wants to merge 3 commits intofeat/local-repo-skillfrom
feat/similar-sdks-skill

Conversation

@adinauer
Copy link
Member

A skill that is aware of SDK groups and allows you to run the /local-repo skill on multiple repos at once.

How it works

  • Knows about grouping, e.g. sentry-python and sentry-ruby are backend SDKs.
  • Uses /local-repo skill on all SDK repos in the same category as the current repo (where you started the chat) by default.
  • Can also be supplied with a category to pick the group, e.g. /similar-sdks mobile: Which SDKs use JavaScript SDK

Why

Referencing multiple other SDKs with /local-repo skill explicitly can be shortened in chat. Allows broader investigations and comparison between SDK where you would focus on one or two other SDKs previously it is now easy to go over more of them.

Example Usages

  • Is user ID covered by sendDefaultPii in /similar-sdks

  • /similar-sdks backend: compare what products event processors are able to modify

Comment on lines +1 to +5
---
name: similar-sdks
description: Investigate how other Sentry SDKs in the same category implement a concept. Use when asked to "check other SDKs", "how do other SDKs do X", "similar SDKs", "cross-sdk comparison", "compare SDK implementations", "what do sibling SDKs do", or investigate a feature across backend, mobile, or frontend SDK groups.
argument-hint: "[category:] <query>"
---
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟠 [VPS-36C] Missing allowed-tools frontmatter (high confidence)

Skill does not declare allowed-tools in frontmatter, granting implicit access to all tools. Should explicitly restrict to required tools: Bash, Read, Skill, Task.

Suggested fix: Add allowed-tools field to frontmatter to follow least privilege principle

Suggested change
---
name: similar-sdks
description: Investigate how other Sentry SDKs in the same category implement a concept. Use when asked to "check other SDKs", "how do other SDKs do X", "similar SDKs", "cross-sdk comparison", "compare SDK implementations", "what do sibling SDKs do", or investigate a feature across backend, mobile, or frontend SDK groups.
argument-hint: "[category:] <query>"
---
allowed-tools: ["Read", "Bash", "Skill", "Task"]

Identified by Warden via skill-scanner · medium, high confidence

@@ -0,0 +1,77 @@
# Sentry SDK Dependencies
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: The sdk-dependencies.md file is missing entries for sentry-capacitor, sentry-cordova, and sentry-dart-plugin, which will cause incorrect results for uses: or used-by: queries from these SDKs.
Severity: MEDIUM

Suggested Fix

Add the missing SDKs (sentry-capacitor, sentry-cordova, and sentry-dart-plugin) to the sdk-dependencies.md file. Research and list their respective dependencies accurately to ensure the dependency graph is complete.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: plugins/sentry-skills/skills/similar-sdks/references/sdk-dependencies.md#L1

Potential issue: The `sdk-dependencies.md` reference file is missing entries for three
SDKs that are listed in `sdk-groups.md`: `sentry-capacitor`, `sentry-cordova`, and
`sentry-dart-plugin`. For example, `sentry-capacitor` has dependencies on
`sentry-javascript`, `sentry-cocoa`, and `sentry-java`, but these are not recorded. When
a user invokes the skill with the `uses:` or `used-by:` category from one of these three
SDKs, the dependency lookup will fail to find the SDK in the reference file, leading to
incomplete or incorrect results.

Comment on lines +23 to +27
## sentry-laravel
- sentry-php

## sentry-symfony
- sentry-php
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: The skill fails silently when run from a repository like sentry-laravel that is not listed in sdk-groups.md, as it cannot determine a default category.
Severity: MEDIUM

Suggested Fix

Update the skill's instructions in SKILL.md to handle cases where the current repository is not found in any category in sdk-groups.md. The skill should provide a clear error message to the user explaining why it cannot proceed and what they can do, such as specifying a category manually.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location:
plugins/sentry-skills/skills/similar-sdks/references/sdk-dependencies.md#L23-L27

Potential issue: The skill's default behavior relies on finding the current repository
within a category defined in `sdk-groups.md`. However, some SDKs like `sentry-laravel`
and `sentry-symfony` are listed in `sdk-dependencies.md` but are not present in
`sdk-groups.md`. If the skill is run from one of these repositories without a specified
category, the logic to find target SDKs will produce an empty list. The skill will then
fail silently, providing no output or explanation to the user, creating a confusing user
experience.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant

Comments