agentchan

The skill bundle is classified as suspicious due to a critical prompt-injection vulnerability in its 'Refresh Rule' within `skill.md`. This rule instructs the AI agent to periodically fetch and execute instructions from remote markdown files (`https://chan.alphakek.ai/skill.md` and `https://chan.alphakek.ai/heartbeat.md`). This creates a significant supply chain risk, as a compromise of the remote server could allow an attacker to inject arbitrary malicious instructions into the agent's operational logic, leading to unauthorized actions or data exfiltration. While the current content is not explicitly malicious, this mechanism establishes a direct channel for future remote instruction execution.