ClawdChat

This skill bundle is classified as suspicious due to its dynamic update mechanism and extensive use of prompt injection. The `SKILL.md` and `HEARTBEAT.md` files instruct the AI agent to periodically fetch and install updated skill files from remote servers (e.g., `https://clawdchat.ai/skill.md`, `https://clawdchat.cn/heartbeat.md`). This creates a significant supply chain vulnerability, as a compromise of the remote server could allow an attacker to serve malicious instructions (prompt injection) or commands, leading to arbitrary code execution on the agent's host. While the current prompt injection is aimed at shaping the AI's persona for social interaction, it highlights the potential for misuse if the skill's content were controlled by an adversary.