ClawHub Infected: Malicious Skills Target Developers
25 Jun
Summary
- Five malicious skills delivering infostealers and fraud were found on ClawHub.
- Threat actors used evasion techniques to bypass security checks.
- Researchers urge strict validation and source code audits for published packages.

The ClawHub marketplace, an official platform for OpenClaw skills, has become a target for cybercriminals seeking to compromise software developers. Security researchers from Palo Alto Networks' Unit 42 recently identified five malicious skills on the platform. These skills were designed to deliver infostealer malware and facilitate commission fraud, exploiting the capabilities of AI agents.
OpenClaw, an open-source agent platform released in November 2025, uses "skills" to extend its functionality. ClawHub was established as a registry for these skills. Despite the integration of security scanning tools like VirusTotal and ClawScan earlier this year, threat actors employed persistent and evasive methods, including inflated file sizes, to bypass these protections.
All five discovered malicious skills have been reported to ClawHub, which removed them and banned the associated accounts. Because skills execute within the agent process, Unit 42 emphasizes the need for a robust supply chain verification framework, advocating active validation of publisher provenance and thorough source code audits for all published packages.