tech
February 4, 2026
OpenClaw’s AI ‘skill’ extensions are a security nightmare
Posts from this topic will be added to your daily email digest and your homepage feed.
TL;DR
- Hundreds of malicious add-ons were found on OpenClaw's skill marketplace.
- These add-ons are designed to steal information and cryptocurrency assets.
- Malware is delivered through disguised "skills" that users grant significant device access.
- OpenClaw's creator has implemented new requirements for publishing skills, including a minimum GitHub account age.
- A new reporting system for skills has also been introduced.
Continue reading
the original article