Splatworld

The skill is classified as suspicious due to its core operational loop involving the download and execution of `HEARTBEAT.md` from a remote server (`https://api.splatworld.io/heartbeat.md`). While the provided `heartbeat.md` content is benign and the intent is for legitimate updates, this mechanism (found in `skill.md` and `heartbeat.md`) represents a significant supply chain vulnerability. A compromise of the remote server could lead to the execution of arbitrary malicious code on the agent's system. All other observed behaviors, such as API key handling and network requests, are transparent and directed solely at the `splatworld.io` domain, without evidence of intentional malicious activity or prompt injection attempts within the provided files.