
This skill enforces Sentry governance by generating shared configuration, audit reports, and policy templates to standardize usage across teams.

npx playbooks add skill jeremylongshore/claude-code-plugins-plus-skills --skill sentry-policy-guardrails

SKILL.md
---
name: sentry-policy-guardrails
description: |
  Implement governance and policy guardrails for Sentry.
  Use when enforcing organizational standards, compliance rules,
  or standardizing Sentry usage across teams.
  Trigger with phrases like "sentry governance", "sentry standards",
  "sentry policy", "enforce sentry configuration".
allowed-tools: Read, Write, Edit, Grep
version: 1.0.0
license: MIT
author: Jeremy Longshore
---

# Sentry Policy Guardrails

## Prerequisites

- Organization-wide standards documented
- Team structure defined
- Compliance requirements identified
- Shared configuration package repository

## Instructions

1. Create shared Sentry configuration package with organization defaults
2. Define enforced settings that cannot be overridden (sendDefaultPii, sample rates)
3. Implement mandatory PII scrubbing in beforeSend hook
4. Add environment enforcement to block test data in production
5. Create standard alert policy templates with required rules
6. Implement project naming validation following team-service-environment pattern
7. Build configuration audit script to check compliance across projects
8. Set up compliance dashboard with metrics reporting
9. Document policy requirements and share with all teams
10. Enforce shared config package usage in CI/CD pipelines

## Output
- Shared Sentry configuration package
- Enforced organization defaults
- Alert policy templates
- Project naming validation
- Compliance audit reports

## Error Handling

See `{baseDir}/references/errors.md` for comprehensive error handling.

## Examples

See `{baseDir}/references/examples.md` for detailed examples.

## Resources
- [Sentry Organization Settings](https://docs.sentry.io/product/accounts/getting-started/)
- [Sentry API](https://docs.sentry.io/api/)

Overview

This skill implements governance and policy guardrails for Sentry to enforce organization-wide standards, compliance, and consistent project configuration. It helps teams adopt a shared Sentry configuration package, mandatory settings, and automated checks so Sentry usage remains secure and auditable across the organization. The outcome is standardized alerting, validated project naming, and regular compliance reporting.

How this skill works

The skill builds a shared Sentry configuration package containing organization defaults and enforced settings that cannot be overridden. It injects mandatory PII scrubbing in the beforeSend hook, enforces environment rules to prevent test data from reaching production, and provides alert policy templates. Automated audit scripts scan projects via the Sentry API, produce compliance reports, and surface issues on a compliance dashboard; CI/CD gates can block noncompliant changes.
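
An added example (not code from the skill or its author) of how the shared package described above could enforce its non-overridable settings in JavaScript. `sendDefaultPii`, `tracesSampleRate`, `environment` and `beforeSend` are Sentry SDK options; the function names, the 0.2 ceiling, the environment list, the redaction patterns and the `test_data` tag are assumptions.

```javascript
// Added example, not the skill's code. All names below are hypothetical.
const ENFORCED = Object.freeze({ sendDefaultPii: false });
const MAX_TRACES_SAMPLE_RATE = 0.2; // assumed organization ceiling
const ALLOWED_ENVIRONMENTS = new Set(["production", "staging", "development"]);
const SENSITIVE_KEY = /pass(word)?|secret|token|authorization|cookie|api[-_]?key/i;
const EMAIL = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;

// Recursively redact values under sensitive keys and e-mail addresses in strings.
function scrub(value, key = "") {
  if (SENSITIVE_KEY.test(key)) return "[Filtered]";
  if (typeof value === "string") return value.replace(EMAIL, "[email]");
  if (Array.isArray(value)) return value.map((item) => scrub(item));
  if (value !== null && typeof value === "object") {
    return Object.fromEntries(
      Object.entries(value).map(([k, v]) => [k, scrub(v, k)])
    );
  }
  return value;
}

// Merge a team's options with the organization policy; the result is what
// the team passes to Sentry.init().
function buildSentryOptions(teamOptions) {
  const { environment, beforeSend: teamBeforeSend } = teamOptions;
  if (!ALLOWED_ENVIRONMENTS.has(environment)) {
    throw new Error(`environment "${environment}" is not on the approved list`);
  }
  const requested = teamOptions.tracesSampleRate ?? MAX_TRACES_SAMPLE_RATE;
  return {
    ...teamOptions,
    ...ENFORCED, // spread last so a team value cannot win
    tracesSampleRate: Math.min(Math.max(requested, 0), MAX_TRACES_SAMPLE_RATE),
    beforeSend(event, hint) {
      // The team hook (assumed synchronous here) runs first, so the
      // organization scrubber always sees the final event.
      const result = teamBeforeSend ? teamBeforeSend(event, hint) : event;
      if (result === null) return null;
      // Assumed convention: test traffic carries the tag test_data=true.
      if (environment === "production" && result.tags?.test_data === "true") {
        return null;
      }
      return scrub(result);
    },
  };
}
```

Because the team's `beforeSend` is wrapped rather than replaced, a team can still drop or enrich events, but it cannot skip the scrubber or re-enable `sendDefaultPii`.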

When to use it

  • Enforcing organization-wide Sentry configuration and defaults
  • Standardizing alert policies and required rules across teams
  • Preventing sensitive data and test traffic from reaching production
  • Validating project names to a team-service-environment pattern
  • Automating compliance audits and reporting for security or regulatory needs

Best practices

  • Create a single shared configuration package stored in a supported package repo and version it semantically
  • Document enforced settings clearly and keep a small set of non-overridable controls (PII handling, sampling)
  • Implement beforeSend PII scrubbing centrally and test with representative events
  • Use CI/CD checks to enforce use of the shared config and reject overrides
  • Publish alert policy templates and require teams to inherit or reference them
  • Run regular automated audits and expose results on a compliance dashboard

Example use cases

  • Provision a new Sentry project that automatically inherits organization defaults and naming validation
  • Block deployments that would disable required PII scrubbing or change sample rates via CI/CD policy checks
  • Run nightly compliance audits and generate reports listing projects out of policy
  • Apply standardized alert templates to ensure consistent incident routing and severity levels
  • Enforce an environment naming scheme so test traffic never mixes with production events

FAQ

How do I prevent teams from overriding enforced settings?

Make the most sensitive settings non-overridable in the shared config package and enforce usage via CI/CD checks that fail builds if a project does not reference the approved package.

Can I audit existing projects for compliance automatically?

Yes. Use the included audit scripts with the Sentry API to scan projects for policy violations, produce reports, and feed results into a compliance dashboard or issue tracker.
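
An added example, not the skill's included audit script, of the offline part of such an audit: checking a project inventory against the team-service-environment naming pattern and a required alert-rule list. The inventory is constructed, and its field names, the team list and the rule names are assumptions; fetching the inventory from the Sentry API is left out.

```javascript
// Added example, not the skill's audit script. Names and data shapes are hypothetical.
const KNOWN_ENVIRONMENTS = ["production", "staging", "development"];
const REQUIRED_ALERT_RULES = ["high-error-rate", "new-issue-in-release"]; // assumed template rules
const SLUG = new RegExp(
  `^([a-z0-9]+)-([a-z0-9]+(?:-[a-z0-9]+)*)-(${KNOWN_ENVIRONMENTS.join("|")})$`
);

// Split "team-service-environment"; the service part may itself contain hyphens.
function parseProjectSlug(slug) {
  const m = SLUG.exec(slug);
  return m ? { team: m[1], service: m[2], environment: m[3] } : null;
}

// Return a report listing every project that is out of policy and why.
function auditProjects(projects, knownTeams) {
  const findings = [];
  for (const project of projects) {
    const problems = [];
    const parsed = parseProjectSlug(project.slug);
    if (!parsed) problems.push("name does not match team-service-environment");
    else if (!knownTeams.has(parsed.team)) problems.push(`unknown team "${parsed.team}"`);
    const present = new Set(project.alertRules);
    for (const rule of REQUIRED_ALERT_RULES) {
      if (!present.has(rule)) problems.push(`missing required alert rule "${rule}"`);
    }
    if (problems.length > 0) findings.push({ slug: project.slug, problems });
  }
  return { scanned: projects.length, compliant: projects.length - findings.length, findings };
}

// Constructed sample inventory (not real projects).
const SAMPLE_PROJECTS = [
  { slug: "payments-api-production", alertRules: ["high-error-rate", "new-issue-in-release"] },
  { slug: "payments-checkout-web-staging", alertRules: ["high-error-rate"] },
  { slug: "Checkout_Prod", alertRules: [] },
  { slug: "labs-demo-development", alertRules: ["high-error-rate", "new-issue-in-release"] },
];
```

A CI job can fail when `findings` is non-empty, and the same report object can feed the compliance dashboard.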