Svn Tool

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only SVN helper whose risky commands are expected for version-control work, but users should be careful with destructive operations and credentials.

Install this only if you want an agent to assist with SVN command workflows. Before commits, deletes, reverts, cleanup with removal flags, branch changes, or credential-cache deletion, review the exact target with svn status and svn diff and confirm the action. Avoid passing passwords on the command line, and avoid --trust-server-cert unless you have verified the server certificate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill metadata and description indicate it should trigger whenever a user needs to interact with SVN, which is broad enough to capture ordinary discussion, advice, or ambiguous requests rather than explicit tool-use intent. Over-broad activation can cause the agent to enter an operational mode and perform repository actions when the user only wanted information, increasing the chance of unintended network or workspace changes.

Vague Triggers

Medium
Confidence: 92%
Finding
The listed trigger scenarios include common conversational phrases like viewing history, checking status, or comparing differences, without defining invocation boundaries or requiring explicit consent to execute commands. In an agent setting, this can cause the skill to activate on vague SVN-related conversation and take actions against a working copy or remote repository that the user did not clearly authorize.

Missing User Warnings

Medium
Confidence: 83%
Finding
The documentation includes delete, move, branch manipulation, and other potentially destructive repository operations but does not prominently warn about irreversible effects, repository-wide consequences, or the need to verify targets first. In a user-invocable automation context, omission of such warnings increases the likelihood of accidental data loss, branch damage, or unintended history changes.

Missing User Warnings

High
Confidence: 97%
Finding
The revert and cleanup examples are especially risky because they can discard uncommitted local changes and, with cleanup flags like '--remove-unversioned', delete files that are not under version control. Without strong warnings and confirmation requirements, an agent following this guidance could irreversibly destroy user work in the local workspace.

Missing User Warnings

Medium
Confidence: 91%
Finding
The README recommends deleting the cached SVN authentication store with a recursive rm -rf command but does not clearly warn that this irreversibly removes locally stored credentials. While the target path is narrower than a generic destructive delete, documenting shell deletion of auth data without caution increases the chance of accidental credential loss or unsafe copy-paste behavior.

VirusTotal

66/66 vendors flagged this skill as clean.
