Sentry Agent Skills

Official

by Sentry

development, intermediate
agent-skills, code-review, security, django, github-actions, ci-cd, sentry, development-workflow

Install 21 skills and Claude Code starts reviewing your pull requests like a senior Sentry engineer — catching IDOR vulnerabilities in Django, enforcing commit conventions, auditing GitHub Actions for secret exposure, and iterating on PRs until CI passes. All without you typing a single review checklist.

Before these skills, getting an AI coding assistant to follow your team's engineering standards meant pasting conventions into every prompt. Sentry's team encoded their entire development playbook into agent skills: how they name branches, structure commit messages, write blog posts, handle security reviews, and manage PR workflows. The result is institutional knowledge that transfers to every new team member and every AI session automatically.

The security skills alone justify the install. The django-access-review skill catches IDOR vulnerabilities — the kind of access control bugs that slip through standard code review because they require understanding how Django's ORM maps to authorization. The gha-security-review skill audits your GitHub Actions workflows for script injection, exposed secrets, and privilege escalation. The general security-review skill runs vulnerability assessments across your codebase.

The iterate-pr skill is where teams report the biggest time savings. Instead of manually fixing CI failures, pushing, waiting, and repeating, the skill drives an automated loop: read CI output, apply fixes, push again, repeat until green. For teams running 20+ PRs a day, this eliminates hours of context-switching.

Setup is one command: npx skills add getsentry/skills. Works with Claude Code, Cursor, Cline, and any agent supporting the skills.sh ecosystem. Apache 2.0 licensed, so you can fork the entire collection and adapt the conventions to your own team's standards — which is exactly how Sentry intended it.

Installation

npx skills add getsentry/skills

Key Features

  • 21 specialized skills covering code review, security audits, commit conventions, and PR workflows
  • Django IDOR vulnerability detection and access control review for Python backends
  • GitHub Actions security auditing — catches script injection, secret exposure, and privilege escalation
  • Automated PR iteration — drives fix-push-check loops until all CI checks pass
  • Commit and branch naming enforcement aligned with Sentry's engineering standards
  • Blog writing and brand voice guidelines for engineering documentation

Use Cases

  • Run security reviews on every PR that catch Django IDOR vulnerabilities and GitHub Actions misconfigurations before they hit production
  • Enforce consistent commit messages, branch naming, and PR structure across a team without manual review overhead
  • Automate the CI fix cycle — let the agent iterate on failing PRs until checks pass instead of manually debugging each failure
  • Onboard new developers faster by encoding team engineering standards into skills they inherit automatically
  • Audit GitHub Actions workflows for common vulnerabilities like injection attacks and leaked secrets
