tiangong-wiki-skill
Audited by Socket on May 4, 2026
2 alerts found:
Anomaly x2
SUSPICIOUS: the skill’s stated purpose and local file operations are coherent for wiki management, and there is no evidence of credential theft or explicit exfiltration. However, the required CLI is underspecified and its provenance cannot be verified from the skill text, creating a medium supply-chain trust concern rather than clear malicious behavior.
No direct indicators of malware (e.g., exfiltration, credential theft, reverse shells, or obfuscated payloads) are present in the provided fragment. However, the code exposes high-impact primitives: detached background process spawning (child.unref()) with caller-influenced arguments/env, and OS handler invocation using attacker-influenced target, plus optional logfile path-based stdio redirection that can write/append to arbitrary filesystem paths. This should be treated as security-sensitive and require strict upstream validation/allowlisting of target/logFile/extraArgs and careful threat-modeling of where these inputs originate.