FBS-BookWriter

Warn

Audited by Socket on Jun 3, 2026

2 alerts found:

Anomaly x2

Anomaly: LOW
SKILL.md

SUSPICIOUS. The stated purpose largely matches its writing and QC capabilities, and there is no clear malware pattern or external installer in the provided skill text. The main concerns are broad tool scope (bash + read/write + web_search), execution of many unseen local scripts, and prompt-injection/data-flow ambiguity around online research and scene-pack authorization.

Confidence: 82%, Severity: 56%

Anomaly: LOW
scripts/check-and-init-artifacts.mjs

No direct evidence of malware behavior (e.g., exfiltration, backdoor, persistence) is present in this module. The primary security concern is that it uses shell-based child_process.exec with a dynamically constructed command string containing bookRoot (and indirectly initScript) from CLI/caller inputs. If bookRoot or skillRoot can be attacker-controlled, this can enable command injection or execution of an attacker-chosen initialization script under the attacker’s directory. If inputs are strictly trusted/internal, the risk drops to mostly operational.

Confidence: 66%, Severity: 62%

Audit Metadata

Analyzed At: Jun 3, 2026, 02:37 AM
Package URL: pkg:socket/skills-sh/bighardperson%2Fcomputer-science-skills-collection%2Ffbs-bookwriter%2F@738138e3b6c0a20f5805e87ed55056cd20025b29