ai-paper-reproduction

SUSPICIOUS: The stated purpose aligns with the capabilities, and there is no direct credential harvesting or obvious malware behavior in this top-level skill. However, it processes untrusted repository content, can execute repo-documented commands, and relies on unspecified sub-skills whose provenance is not verifiable from the provided text, so the overall risk is medium rather than benign.

This module itself does not show explicit malware behaviors (no encryption/obfuscation/backdoor logic, and no direct network exfiltration), but it intentionally facilitates a supply-chain execution scenario: when --run-selected is set, it executes a command extracted from an untrusted repository README without allowlisting or sandboxing. Captured stdout/stderr are also propagated into report outputs, increasing the chance of sensitive-data leakage if the executed command prints secrets. Treat execution as high-risk and restrict/sandbox or disable execution for untrusted inputs.