Fbs Bookwriter.Skip

If run unsandboxed, the skill's scripts may have broader access to local files and the host environment than a user expects from a writing tool.

The skill explicitly depends on shell/exec and suggests disabling the sandbox as a troubleshooting option. That expands the impact of any script or dependency beyond a tightly contained writing workspace.

The skill can run local programs, so a faulty or unexpected script could affect the local environment.

Static scan evidence shows the package can spawn local processes. This is mostly aligned with the disclosed Node-script workflow, but PowerShell bypass behavior is sensitive and should stay user-approved.

Installing dependencies may download third-party packages to the local environment.

The skill requires a manual npm dependency install. That is normal for a Node-based document tool, but dependency provenance is part of the trust boundary.

The skill may involve account authentication, sensitive credentials, or paid/credit-based actions that are not obvious from the main installation contract.

These high-impact account and credential capabilities are reported even though the registry requirements state no required env vars and no primary credential, and SKILL.md does not clearly explain when such credentials or purchases are needed.

Personal profile or writing-preference data could be reused across sessions or projects in ways the user may not expect.

The artifacts describe importing host-level user profile memory into the writing system. That can be useful for personalization, but the user-facing install text does not clearly bound when profile memory is read, how long it is retained, or how it can be reset.