OpenClaw’s AI ‘skill’ extensions are a security nightmare
Security researchers found malware in hundreds of user-submitted 'skill' add-ons on the popular AI agent OpenClaw's marketplace.Summary
The rapidly popular AI agent OpenClaw, which performs tasks via extensions called 'skills,' is facing significant security scrutiny after researchers discovered malware in hundreds of user-submitted add-ons on its ClawHub marketplace. 1Password product VP Jason Meller warned that the skill hub has become an "attack surface," with the most-downloaded add-on acting as a "malware delivery vehicle." OpenSourceMalware tracked hundreds of malicious skills uploaded in late January and early February, noting they often masqueraded as cryptocurrency trading tools to steal sensitive data like API keys, SSH credentials, and passwords.
These malicious skills frequently use markdown files to hide instructions that trick the AI agent into executing harmful code. For example, a popular 'Twitter' skill contained instructions leading to a link designed to make the agent download infostealing malware. OpenClaw's creator, Peter Steinberger, is implementing measures to mitigate these risks, such as requiring new skill publishers to have a GitHub account that is at least one week old, though concerns about undetected malware remain.
(Source:The Verge)