DFMEA - Design Failure Mode and Effects Analysis

Security checks across malware telemetry and agentic risk

Overview

This is a local DFMEA worksheet and reporting helper whose code and installer match its stated engineering purpose.

Reasonable to install for local DFMEA work. Review the installer because it writes under your home directory and may create a dfmea command symlink; avoid putting highly sensitive proprietary design details into generated local JSON/report files unless that storage model is acceptable for your workflow.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation criteria are broad enough that the skill may trigger on generic engineering, manufacturing, or risk-assessment discussions rather than explicit DFMEA requests. This can cause unintended invocation, unnecessary context capture, and interference with more appropriate skills, though the skill itself is not inherently dangerous and does not appear to request sensitive actions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal