Svix

Security checks across malware telemetry and agentic risk

Overview

This Svix skill is a disclosed connector wrapper for managing Svix through OOMOL, including state-changing actions that require user confirmation.

Install this only if you intend to let your agent operate your Svix account through OOMOL. Review requested payloads carefully before approving creates, updates, message dispatches, or deletes, especially because Svix actions can affect live webhook applications and endpoints.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger text says to use this skill for ANY Svix request and whenever a task involves Svix, which is overly broad and can cause the agent to invoke the skill for sensitive or destructive Svix operations without enough narrowing. In this skill, that broad routing matters because the skill includes create, update, send, and delete capabilities, increasing the chance of unintended state-changing actions being selected.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal