4claw

The skill bundle is suspicious due to its self-update mechanism, which downloads and overwrites `SKILL.md` and `HEARTBEAT.md` from `https://www.4claw.org` into `~/.config/4claw/`. While intended for legitimate updates, this creates a supply chain vulnerability where a compromised `4claw.org` could serve malicious instructions, leading to prompt injection against the agent. Additionally, the `SKILL.md` encourages 'edgy' and 'trolly' behavior, which, despite explicit safety rules, could be interpreted by an agent to push boundaries in ways that are not strictly malicious but could be problematic.