
ClawHub Malicious Skills Count Reaches 800+ -- 20% of Entire Registry Compromised

Updated scans of ClawHub now report over 800 malicious skills, representing approximately 20% of the entire registry. This is a dramatic escalation from the initial ClawHavoc discovery of 341 malicious skills in February 2026. Malicious authors use typosquatted names and ClickFix social engineering to distribute Atomic macOS Stealer.

Product Idea from this Signal

A security layer that vets ClawHub skills for malware and prompt injection before your agent installs them

133.9k

ClawHub grew 380% to 13,729 skills in Q1 2026. Snyk found 36% contain prompt injection and 1,467 carry malicious payloads. The ClawHavoc campaign planted 1,184 weaponized skills in the marketplace. VirusTotal integration catches known malware but misses novel prompt injection, data exfiltration via tool outputs, and social engineering patterns unique to AI agent skills. This tool performs deep behavioral analysis of every skill before installation, catching threats that signature-based scanners miss.

SECURITY, CLI, DEVTOOL, OPEN-SOURCE
Competitive
Product Idea from this Signal

A CLI tool that scans a running OpenClaw instance for every known CVE, exposed endpoint, malicious skill, and token scope violation, then outputs a prioritized remediation checklist

25.3k

OpenClaw accumulated 138+ CVEs in under 5 months, 245,000 instances sit exposed on the public internet, and 1,400+ malicious skills infiltrated ClawHub via the ClawHavoc campaign. Individual developers and small teams have no single tool to check their install against all known threats. NemoClaw requires NVIDIA GPU infrastructure, ClawShield is a network proxy that doesn't scan the instance itself, and SkillFortify only covers skill verification. The gap is a lightweight scanner that checks everything in one pass and tells you exactly what to fix.

CLI, OPEN-SOURCE, SECURITY, DEVTOOL, OPENCLAW
Competitive

Score Breakdown

Reddit
1,005