so the malware launches AI tools that have wider access than the app is loaded in?

I did not know AI tools could access sensitive directories.

Or is it that AI brute forces access to directories that the malware already had access to but the developer of the malware was not aware of?

Does the inventory.txt get uploaded? There seems to be an outbound connection but I did not see verification that it is the inventory.txt.