aris-autonomous-ml-research

SUSPICIOUS: the skill’s core capabilities broadly match autonomous ML research, but its footprint is expansive for an agent skill: it executes code, clones and modifies repositories, routes sensitive prompts and multiple API keys to model providers, and permits custom proxy/base URLs. The main inconsistency is publisher attribution (ara.so) versus install source (wanshuiyin repo), plus added transitive trust through Oracle MCP. Not confirmed malware, but medium-high security risk due to autonomy, external-content processing with exec/write permissions, and flexible credential/data routing.