Source: linkedin_dm · Submitted 15/05/2026 · Assessment complete
This case involves a recruitment scam attempt initiated via LinkedIn DM, rated as high risk. The initial message is a common lure for recruitment scams, offering an opportunity to join a team building an "AI + Web3 product." Several signals contribute to the high-risk assessment. The presence of a runnable repository and a fresh repository are noted, which could be used to distribute malicious code. Indicators point to a zero-community and single-contributor project, which often raises red flags for legitimacy and could suggest a lack of genuine development or oversight. A significant concern is the high run code pressure, suggesting that the provided code, if executed, might perform extensive or sensitive operations. While numerous AI-verified findings related to PowerShell web requests, curl pipe shell commands, child process imports, and Ethereum wallet directory checks were flagged, they were all deemed false positives in this context, primarily because they represent standard setup, installation, or Web3 integration patterns within the provided scripts and not direct evidence of malicious exfiltration or arbitrary command execution. Despite these false positives, the combination of the recruitment scam context and the behavioral signals still points to a high-risk scenario.