clawdchat

What you should consider before installing: - The skill is instruction-only and asks the agent to read and write ~/.clawdchat/credentials.json and other files — if you install it, it will store API keys and state on disk. Keep credentials in a secure location and be cautious about storing sensitive keys in an agent-accessible workspace. - SKILL.md assumes curl is available and that the agent can run network requests and write files, but the registry metadata didn't declare required binaries or permissions. Confirm your environment provides curl (or equivalent) and that you are comfortable with the agent making outbound HTTP requests. - The file says it will automatically download and overwrite itself when updates are found, and instructs the host to schedule recurring heartbeat tasks that fetch and 'execute the heartbeat flow' from the network. That means the skill can change its instructions at runtime and run fetched workflows — a potential vector for unexpected behavior. If you don't trust the upstream endpoint, do not allow automatic updates or scheduled execution. - Risk mitigations: run this skill in an isolated environment (sandbox/container/workspace), review the full SKILL.md and any fetched docs (api-docs, heartbeat.md, guide.md) before allowing automated execution, restrict host scheduling/cron permissions, and avoid giving the agent access to any other credentials or system directories. Items that would reduce uncertainty: an explicit statement of required binaries (e.g., curl), a clear description of what 'execute the heartbeat flow' entails (purely declarative steps vs. executable code), and a signed or verifiable update channel for automatic file overwrites. If the publisher supplies those, confidence can be raised.