Rcm Analysis Worksheet

Security checks across malware telemetry and agentic risk

Overview

This is a worksheet-style RCM guidance skill with clear draft-only guardrails and no executable code or system access.

This skill appears safe to install as a drafting aid, but users should treat its output as engineering work product that requires qualified review before any maintenance schedule, CMMS, or safety-critical task is changed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Harmful Content Injection

Critical

Category: Prompt Injection
Content: ### Phase 4 — Maintenance Significant Item (MSI) Classification For each failure mode, apply the MSI screen: 1. **Safety/Environmental consequence?** Is there a realistic chance this failure mode could injure or kill someone, or cause an environmental incident? → YES = Safety/Environmental MSI 2. **Operational consequence?** Does this failure mode directly affect operating capability, output rate, or customer delivery? → YES = Operational MSI 3. **Hidden function?** Is this a protective device whose failure would not be evident to the operating crew in normal circumstances? → YES = Hidden Function MSI (failure-finding task required) 4. **Non-operational economic consequence only?** Evaluate whether cost of prevention exceeds cost of failure. Record MSI class for each failure mode.
Confidence: 95% confidence
Finding: kill someone

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal