We Scanned 50,000 Skills: The Threat Persists
The explosive popularity of OpenClaw in early 2026 transformed AI from a system that answers questions into an agent that executes operations on your behalf. "Skills" are the primary mechanism through which Agents acquire these capabilities, making them the latest entry point for attackers to poison the well. We used A.I.G (https://github.com/tencent/AI-Infra-Guard) to conduct a comprehensive scan of over 50,000 Skills on ClawHub. We uncovered not only known malicious samples but also the next generation of highly stealthy attack vectors.
Read Full Article arrow_forward