java

BENIGN in purpose and data flow, but SUSPICIOUS on install trust: the monitoring scope is proportionate and no credential harvesting or exfiltration is evident, yet the required ibmi CLI is not verified by the supplied evidence and does not cleanly match the official IBM-documented install path that was found. This raises medium-high supply-chain risk rather than malware evidence.