The [.fts] directory contains a VMS system service caller
monitor. Also in a conditional assembly is a facility that
allows it to return a faked "fully privileged" return
to a program trying to use $setprv, which can be used to
mousetrap possible covert behavior when used from a NON
privileged account. It will tell you what system services
an image uses, also very handy for finding out about covert
behavior.