diff --git a/skills/sentry-elixir-sdk/SKILL.md b/skills/sentry-elixir-sdk/SKILL.md index ac7b28c..4085e94 100644 --- a/skills/sentry-elixir-sdk/SKILL.md +++ b/skills/sentry-elixir-sdk/SKILL.md @@ -289,6 +289,10 @@ For each feature: `Read ${SKILL_ROOT}/references/.md`, follow steps exa | `:enable_logs` | `boolean` | `false` | Enable Sentry Logs Protocol (v12.0.0+) | | `:test_mode` | `boolean` | `false` | Capture events in-memory for testing | +### Default PII Guidance + +Most Sentry SDKs expose a send-default-PII option. As of sentry v12, the Elixir SDK does not expose a `send_default_pii` config option in its documented option list or current config schema, so do **not** add a non-existent option. For richer user context, use `Sentry.PlugContext` and explicitly set allowed fields with `Sentry.Context.set_user_context/1`, then scrub with `:before_send` if needed. If a future Elixir SDK release adds `send_default_pii`, recommend setting it. + ### Environment Variables | Variable | Maps to | Purpose | diff --git a/skills/sentry-nestjs-sdk/references/ai-monitoring.md b/skills/sentry-nestjs-sdk/references/ai-monitoring.md index 11004b6..dfde887 100644 --- a/skills/sentry-nestjs-sdk/references/ai-monitoring.md +++ b/skills/sentry-nestjs-sdk/references/ai-monitoring.md @@ -39,7 +39,7 @@ All integrations listed below are **auto-enabled** when the corresponding AI lib ### Auto-Enabled Setup -OpenAI is auto-instrumented — no changes to `instrument.ts` needed. To customize: +OpenAI is auto-instrumented — no changes to `instrument.ts` needed: ```typescript // instrument.ts @@ -51,10 +51,7 @@ Sentry.init({ streamGenAiSpans: true, sendDefaultPii: true, // enables recordInputs/recordOutputs by default integrations: [ - Sentry.openAIIntegration({ - recordInputs: true, // capture prompts sent to OpenAI - recordOutputs: true, // capture generated text/completions - }), + Sentry.openAIIntegration(), ], }); ``` @@ -69,11 +66,9 @@ import * as Sentry from "@sentry/nestjs"; const openai = new OpenAI({ apiKey: process.env.OPENAI_API_KEY }); -// Wrap once at module level — reuse this client everywhere -const client = Sentry.instrumentOpenAiClient(openai, { - recordInputs: true, - recordOutputs: true, -}); +// Wrap once at module level — reuse this client everywhere. +// Input/output recording follows sendDefaultPii unless explicitly overridden. +const client = Sentry.instrumentOpenAiClient(openai); ``` ### Streaming — Important @@ -122,11 +117,9 @@ Sentry.init({ dsn: process.env.SENTRY_DSN, tracesSampleRate: 1.0, streamGenAiSpans: true, + sendDefaultPii: true, integrations: [ - Sentry.vercelAIIntegration({ - recordInputs: true, - recordOutputs: true, - }), + Sentry.vercelAIIntegration(), ], }); ``` @@ -193,11 +186,9 @@ Sentry.init({ dsn: process.env.SENTRY_DSN, tracesSampleRate: 1.0, streamGenAiSpans: true, + sendDefaultPii: true, integrations: [ - Sentry.anthropicAIIntegration({ - recordInputs: true, - recordOutputs: true, - }), + Sentry.anthropicAIIntegration(), ], }); ``` @@ -210,10 +201,8 @@ import * as Sentry from "@sentry/nestjs"; const anthropic = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY }); -const client = Sentry.instrumentAnthropicAiClient(anthropic, { - recordInputs: true, - recordOutputs: true, -}); +// Input/output recording follows sendDefaultPii unless explicitly overridden. +const client = Sentry.instrumentAnthropicAiClient(anthropic); const response = await client.messages.create({ model: "claude-sonnet-4-20250514", @@ -284,9 +273,9 @@ Sentry.init({ sendDefaultPii: true, enableLogs: true, integrations: [ - Sentry.openAIIntegration({ recordInputs: true, recordOutputs: true }), - Sentry.vercelAIIntegration({ recordInputs: true, recordOutputs: true }), - Sentry.anthropicAIIntegration({ recordInputs: true, recordOutputs: true }), + Sentry.openAIIntegration(), + Sentry.vercelAIIntegration(), + Sentry.anthropicAIIntegration(), ], }); ``` @@ -358,7 +347,7 @@ If your `tracesSampleRate` is below 1.0, you may be losing entire agent runs. Se |-------|----------| | No AI spans appearing | Verify `tracesSampleRate` > 0; AI monitoring requires tracing | | Token counts missing in streams | Add `stream_options: { include_usage: true }` to all OpenAI streaming calls | -| `recordInputs`/`recordOutputs` not capturing | Set `sendDefaultPii: true` or explicitly pass `recordInputs: true` to the integration | +| `recordInputs`/`recordOutputs` not capturing | Set `sendDefaultPii: true`, or explicitly pass `recordInputs: true` / `recordOutputs: true` to the integration | | Anthropic spans missing | Check SDK version; add `anthropicAIIntegration()` explicitly | | Cost estimates not showing | Model name must match models.dev/OpenRouter pricing data; custom models may show no estimate | | Vercel AI spans not tracked | Pass `experimental_telemetry: { isEnabled: true }` to every AI SDK call | diff --git a/skills/sentry-nextjs-sdk/references/ai-monitoring.md b/skills/sentry-nextjs-sdk/references/ai-monitoring.md index efe7cea..e178944 100644 --- a/skills/sentry-nextjs-sdk/references/ai-monitoring.md +++ b/skills/sentry-nextjs-sdk/references/ai-monitoring.md @@ -53,18 +53,18 @@ Sentry.init({ // Tracing MUST be enabled for AI monitoring tracesSampleRate: 1.0, streamGenAiSpans: true, + sendDefaultPii: true, integrations: [ - Sentry.openAIIntegration({ - recordInputs: true, // capture prompts sent to OpenAI - recordOutputs: true, // capture completions from OpenAI - }), + Sentry.openAIIntegration(), // recordInputs/recordOutputs default to true with sendDefaultPii ], }); ``` ### Client-Side / Manual Wrapping +Prompt/output capture assumes the matching client-side `Sentry.init()` also sets `sendDefaultPii: true`. + ```typescript import OpenAI from "openai"; import * as Sentry from "@sentry/nextjs"; @@ -73,11 +73,9 @@ const openai = new OpenAI({ apiKey: process.env.OPENAI_API_KEY, // ⚠️ Never expose this in the browser! }); -// Wrap once at module level — reuse this client everywhere -const client = Sentry.instrumentOpenAiClient(openai, { - recordInputs: true, - recordOutputs: true, -}); +// Wrap once at module level — reuse this client everywhere. +// Input/output recording follows sendDefaultPii unless explicitly overridden. +const client = Sentry.instrumentOpenAiClient(openai); const response = await client.chat.completions.create({ model: "gpt-4o", @@ -123,11 +121,10 @@ Sentry.init({ dsn: process.env.SENTRY_DSN, tracesSampleRate: 1.0, streamGenAiSpans: true, + sendDefaultPii: true, integrations: [ Sentry.vercelAIIntegration({ force: true, // ← Required for Vercel production deployments (see note below) - recordInputs: true, - recordOutputs: true, }), ], }); @@ -141,6 +138,7 @@ Sentry.init({ dsn: process.env.SENTRY_DSN, tracesSampleRate: 1.0, streamGenAiSpans: true, + sendDefaultPii: true, integrations: [ Sentry.vercelAIIntegration(), ], @@ -216,11 +214,9 @@ Sentry.init({ dsn: process.env.SENTRY_DSN, tracesSampleRate: 1.0, streamGenAiSpans: true, + sendDefaultPii: true, integrations: [ - Sentry.anthropicAIIntegration({ - recordInputs: true, - recordOutputs: true, - }), + Sentry.anthropicAIIntegration(), ], }); ``` @@ -235,10 +231,8 @@ const anthropic = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY, // ⚠️ Never expose in the browser! }); -const client = Sentry.instrumentAnthropicAiClient(anthropic, { - recordInputs: true, - recordOutputs: true, -}); +// Input/output recording follows sendDefaultPii unless explicitly overridden. +const client = Sentry.instrumentAnthropicAiClient(anthropic); const response = await client.messages.create({ model: "claude-3-5-sonnet-20241022", @@ -294,13 +288,13 @@ Sentry.init({ }); ``` -Or enable explicitly without `sendDefaultPii`: +Use explicit integration options only when you need per-integration overrides instead of the recommended SDK-level default: ```typescript integrations: [ Sentry.openAIIntegration({ - recordInputs: true, // explicitly opt in - recordOutputs: true, + recordInputs: false, // opt out for this integration despite sendDefaultPii: true + recordOutputs: false, }), ], ``` @@ -319,10 +313,11 @@ Sentry.init({ dsn: process.env.SENTRY_DSN, tracesSampleRate: 1.0, streamGenAiSpans: true, + sendDefaultPii: true, integrations: [ - Sentry.openAIIntegration({ recordInputs: true, recordOutputs: true }), - Sentry.vercelAIIntegration({ force: true, recordInputs: true, recordOutputs: true }), - Sentry.anthropicAIIntegration({ recordInputs: true, recordOutputs: true }), + Sentry.openAIIntegration(), + Sentry.vercelAIIntegration({ force: true }), + Sentry.anthropicAIIntegration(), ], }); ``` @@ -412,7 +407,7 @@ If your `tracesSampleRate` is below 1.0, you may be losing entire agent runs. Se | No AI spans appearing | Verify `tracesSampleRate` > 0; AI monitoring requires tracing | | Token counts missing in streams | Add `stream_options: { include_usage: true }` to all OpenAI streaming calls | | Vercel AI spans show raw names (`ai.toolCall`) | Add `vercelAIIntegration({ force: true })` in server config | -| `recordInputs`/`recordOutputs` not capturing | Set `sendDefaultPii: true` or explicitly pass `recordInputs: true` to the integration | +| `recordInputs`/`recordOutputs` not capturing | Set `sendDefaultPii: true`, or explicitly pass `recordInputs: true` / `recordOutputs: true` to the integration | | Anthropic spans missing | Check SDK version supports Anthropic integration; add `anthropicAIIntegration()` explicitly | | Cost estimates not showing | Model name must match models.dev/OpenRouter pricing data; custom/fine-tuned models may show no estimate | | Edge runtime AI spans missing | Add `vercelAIIntegration()` to `sentry.edge.config.ts` explicitly (not auto-enabled for Edge) | diff --git a/skills/sentry-node-sdk/references/ai-monitoring.md b/skills/sentry-node-sdk/references/ai-monitoring.md index a55d6be..f0a44d8 100644 --- a/skills/sentry-node-sdk/references/ai-monitoring.md +++ b/skills/sentry-node-sdk/references/ai-monitoring.md @@ -7,7 +7,12 @@ Tracing must be enabled - AI spans require an active trace: ```typescript -Sentry.init({ dsn: "...", tracesSampleRate: 1.0, streamGenAiSpans: true }); +Sentry.init({ + dsn: "...", + tracesSampleRate: 1.0, + streamGenAiSpans: true, + sendDefaultPii: true, +}); ``` ## Integration Matrix @@ -31,6 +36,8 @@ Sentry.init({ dsn: "...", tracesSampleRate: 1.0, streamGenAiSpans: true }); | `true` | `true` (default) | Yes | | `true` | `false` | No | +Set `sendDefaultPii: true` in `Sentry.init()` to let supported integrations default `recordInputs`/`recordOutputs` to `true`. Use integration-level options to opt out or override specific integrations. + ## Configuration Examples ### Auto-enabled integrations @@ -54,9 +61,10 @@ Sentry.init({ dsn: process.env.SENTRY_DSN, tracesSampleRate: 1.0, streamGenAiSpans: true, + sendDefaultPii: true, integrations: [ - Sentry.openAIIntegration({ recordInputs: true, recordOutputs: true }), - Sentry.vercelAIIntegration({ recordInputs: true, recordOutputs: true }), + Sentry.openAIIntegration(), + Sentry.vercelAIIntegration(), ], }); ``` @@ -144,7 +152,7 @@ await Sentry.startSpan({ | `gen_ai.operation.name` | string | No | Human-readable operation label | | `gen_ai.agent.name` | string | No | Agent name (for agent spans) | -### Content attributes (PII-gated - only when `sendDefaultPii: true` + `recordInputs/recordOutputs: true`) +### Content attributes (PII-gated — only when `sendDefaultPii: true` + `recordInputs/recordOutputs: true`) | Attribute | Type | Description | |-----------|------|-------------| @@ -210,6 +218,6 @@ If `tracesSampleRate` < 1.0, see the [AI sampling guide](../../sentry-setup-ai-m | Token counts missing in streams | Add `stream_options: { include_usage: true }` (OpenAI) | | Vercel AI spans not tracked | Add `experimental_telemetry: { isEnabled: true }` per call | | Browser OpenAI not traced | Use `Sentry.instrumentOpenAiClient()` - auto-instrumentation is server-only | -| Prompts not captured | Set `sendDefaultPii: true` or explicit `recordInputs: true` | +| Prompts not captured | Set `sendDefaultPii: true`, or explicitly pass `recordInputs: true` / `recordOutputs: true` to the integration | | AI Agents Dashboard empty | Ensure traces are being sent; check DSN and `tracesSampleRate` | | Wrong cost calculations | Cached/reasoning tokens are subsets of totals, not additions | diff --git a/skills/sentry-python-sdk/references/ai-monitoring.md b/skills/sentry-python-sdk/references/ai-monitoring.md index 483ef2e..530f570 100644 --- a/skills/sentry-python-sdk/references/ai-monitoring.md +++ b/skills/sentry-python-sdk/references/ai-monitoring.md @@ -7,7 +7,12 @@ Tracing must be enabled — AI spans require an active transaction: ```python -sentry_sdk.init(dsn="...", traces_sample_rate=1.0, stream_gen_ai_spans=True) +sentry_sdk.init( + dsn="...", + traces_sample_rate=1.0, + stream_gen_ai_spans=True, + send_default_pii=True, +) ``` ## Integration Matrix @@ -37,7 +42,7 @@ Every integration follows the same two-layer control: | `True` | `True` (default) | ✅ Yes | | `True` | `False` | ❌ No | -Set `send_default_pii=True` to capture prompts. Use `include_prompts=False` per-integration to override. +Set `send_default_pii=True` in `sentry_sdk.init()` and leave `include_prompts` at its default `True`. Use `include_prompts=False` per integration only to opt out. ## Configuration Examples diff --git a/skills/sentry-setup-ai-monitoring/SKILL.md b/skills/sentry-setup-ai-monitoring/SKILL.md index b864557..5a7ee2c 100644 --- a/skills/sentry-setup-ai-monitoring/SKILL.md +++ b/skills/sentry-setup-ai-monitoring/SKILL.md @@ -27,13 +27,13 @@ AI monitoring requires **tracing enabled** (`tracesSampleRate > 0`). ## Data Capture Warning -**Prompt and output recording captures user content that is likely PII.** Before enabling `recordInputs`/`recordOutputs` (JS) or `include_prompts`/`send_default_pii` (Python), confirm: +**Prompt and output recording captures user content that is likely PII.** Before enabling send-default-PII (`sendDefaultPii: true` in JavaScript or `send_default_pii=True` in Python) or per-integration prompt/output capture (`recordInputs`/`recordOutputs` in JS, `include_prompts` in Python), confirm: - The application's privacy policy permits capturing user prompts and model responses - Captured data complies with applicable regulations (GDPR, CCPA, etc.) - Sentry data retention settings are appropriate for the sensitivity of the data -**Ask the user** whether they want prompt/output capture enabled. Do not enable it by default — configure it only when explicitly requested or confirmed. Use `tracesSampleRate: 1.0` only in development; in production, use a lower value or a `tracesSampler` function. +**Ask the user** whether they want prompt/output capture enabled. Do not enable prompt/output capture without explicit confirmation. Use `tracesSampleRate: 1.0` only in development; in production, use a lower value or a `tracesSampler` function. ## Detection First @@ -112,15 +112,20 @@ Sentry.init({ }); ``` -To customize (e.g., enable prompt capture — see Data Capture Warning): +To customize (e.g., enable prompt capture after user confirmation — see Data Capture Warning): ```javascript -integrations: [ - Sentry.openAIIntegration({ - // recordInputs: true, // Opt-in: captures prompt content (PII) - // recordOutputs: true, // Opt-in: captures response content (PII) - }), -], +Sentry.init({ + dsn: "YOUR_DSN", + tracesSampleRate: 1.0, + streamGenAiSpans: true, + sendDefaultPii: true, + integrations: [ + Sentry.openAIIntegration({ + // recordInputs/recordOutputs default to true when sendDefaultPii is true + }), + ], +}); ``` ### Browser / Next.js OpenAI (manual wrapping required) @@ -138,23 +143,29 @@ const openai = Sentry.instrumentOpenAiClient(new OpenAI()); ### LangChain / LangGraph (auto-enabled) ```javascript -integrations: [ - Sentry.langChainIntegration({ - // recordInputs: true, // Opt-in: captures prompt content (PII) - // recordOutputs: true, // Opt-in: captures response content (PII) - }), - Sentry.langGraphIntegration({ - // recordInputs: true, - // recordOutputs: true, - }), -], +Sentry.init({ + dsn: "YOUR_DSN", + tracesSampleRate: 1.0, + streamGenAiSpans: true, + sendDefaultPii: true, + integrations: [ + Sentry.langChainIntegration(), + Sentry.langGraphIntegration(), + ], +}); ``` ### Vercel AI SDK Add to `sentry.edge.config.ts` for Edge runtime: ```javascript -integrations: [Sentry.vercelAIIntegration()], +Sentry.init({ + dsn: "YOUR_DSN", + tracesSampleRate: 1.0, + streamGenAiSpans: true, + sendDefaultPii: true, + integrations: [Sentry.vercelAIIntegration()], +}); ``` Enable telemetry per-call: @@ -164,8 +175,8 @@ await generateText({ prompt: "Hello", experimental_telemetry: { isEnabled: true, - // recordInputs: true, // Opt-in: captures prompt content (PII) - // recordOutputs: true, // Opt-in: captures response content (PII) + recordInputs: true, + recordOutputs: true, }, }); ``` @@ -181,7 +192,7 @@ sentry_sdk.init( dsn="YOUR_DSN", traces_sample_rate=1.0, # Lower in production (e.g., 0.1) stream_gen_ai_spans=True, # SDK ≥2.60.0 - # send_default_pii=True, # Opt-in: required for prompt capture (sends user PII) + send_default_pii=True, # Integrations auto-enable when the AI package is installed. # Only specify explicitly to customize (e.g., include_prompts): # integrations=[OpenAIIntegration(include_prompts=True)], @@ -299,5 +310,5 @@ After configuring, make an LLM call and check the Sentry Traces dashboard. AI sp | AI spans not appearing | Verify `tracesSampleRate > 0`, check SDK version | | Token counts missing | Some providers don't return tokens for streaming | | Negative or wrong costs in dashboard | Cached/reasoning tokens are subsets of totals — see Token Usage and Cost Calculation | -| Prompts not captured | Enable `recordInputs`/`include_prompts` | +| Prompts not captured | Set `sendDefaultPii: true` (JS) or `send_default_pii=True` (Python); use `recordInputs`/`include_prompts` only for explicit overrides | | Vercel AI not working | Add `experimental_telemetry` to each call |