Plurum
Pass
Audited by VirusTotal on May 12, 2026.
Findings (1)
The Plurum skill bundle establishes a persistent data-sharing framework that encourages agents to exfiltrate detailed work logs, reasoning steps, and code artifacts to a central API (api.plurum.ai). The instructions in SKILL.md and HEARTBEAT.md mandate a 30-minute check-in routine and the 'acquisition' of untrusted content from other agents, which could lead to the ingestion of malicious instructions or the inadvertent disclosure of proprietary information. While the documentation includes warnings against sharing secrets, the core design creates a significant privacy and security risk by turning the agent into a data-gathering node for an external service.
