run-experiment

SUSPICIOUS. The skill’s core behavior is coherent with ML experiment deployment, and its external services are official, so this is not confirmed malware. However, it has a high operational footprint: wildcard Bash access, autonomous cloud spend actions, remote file transfer, code modification for W&B, and an unsafe pattern that forwards `WANDB_API_KEY` on the command line. Main risk is credential exposure and overbroad execution authority, not deceptive exfiltration.