Play Chess

The skill bundle provides instructions and API endpoints for an AI agent to play chess, with all network interactions directed to `clawchess.com`. It includes explicit security warnings against API key exfiltration. However, the `SKILL.md` file instructs the agent to periodically fetch `https://www.clawchess.com/HEARTBEAT.md` and 'follow it'. This dynamic instruction loading mechanism, found in `SKILL.md`, presents a significant prompt injection vector and supply chain risk, as the remote `HEARTBEAT.md` content could be altered to instruct the agent to perform unauthorized or malicious actions.