How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware
4mo agoen
Source
SnykHow a Malicious Google Skill on ClawHub Tricks Users Into Installing Malwaresnyk.ioBreaking: Snyk researchers uncover a malicious "Google" skill on ClawHub that tricks users into installing malware via a fake OpenClaw dependency. Learn how the attack works and how to protect your AI agents.
You might also wanna read
ClawHub: A Versioned Registry for AI Agent Skills with Vector Search
ClawHub is a versioned registry for AI agent skills that functions like npm for AI skills, allowing users to browse, install, and publish sk
clawhub.ai·4mo ago

OpenClaw’s Skill Marketplace and the Emerging AI Supply Chain Threat
unit42.paloaltonetworks.com·14d ago

OpenClaw’s Skill Marketplace and the Emerging AI Supply Chain Threat
unit42.paloaltonetworks.com·14d ago
ClawdBot Open-Source Malware Framework Targets Cryptocurrency Platforms and Social Media
The article discusses ClawdBot, an open-source malware framework that uses malicious skills to target cryptocurrency platforms and social me
opensourcemalware.com·5mo agoA Practical Guide to Analyzing ClawHub Security Signals and Predicting ClawScan Verdicts with Machine Learning
This tutorial demonstrates how to use the ClawHub Security Signals dataset to analyze how different security scanners assess AI skills and r
Security scanners for AI agent skill marketplaces fail to detect malicious skills, researchers find
The article exposes critical security flaws in AI agent skill marketplaces, where malicious skills designed to steal credentials, exfiltrate
SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
BackBox.org·2d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.