OpenClaw’s AI ‘skill’ extensions are a security nightmare

OpenClaw, the AI agent that has exploded in popularity over the past week, is raising new security concerns after researchers uncovered malware in hundreds of user-submitted "skill" add-ons on its marketplace. In a post on Monday, 1Password product VP Jason Meller says OpenClaw's skill hub has become "an attack surface," with the most-downloaded add-on serving […]

admin
admin
 Feb 5, 2026  0  15
 Add to Reading List
OpenClaw’s AI ‘skill’ extensions are a security nightmare
The OpenClaw logo on a red background.

OpenClaw, the AI agent that has exploded in popularity over the past week, is raising new security concerns after researchers uncovered malware in hundreds of user-submitted "skill" add-ons on its marketplace. In a post on Monday, 1Password product VP Jason Meller says OpenClaw's skill hub has become "an attack surface," with the most-downloaded add-on serving as a "malware delivery vehicle."

OpenClaw - first called Clawdbot, then Moltbot - is billed as an AI agent that "actually does things," such as managing your calendar, checking in for flights, cleaning out your inbox, and more. It runs locally on devices, and users can interact with t …

Read the full story at The Verge.

Read More   

Share

What's Your Reaction?

Like Like 0
Dislike Dislike 0
Love Love 0
Funny Funny 0
Angry Angry 0
Sad Sad 0
Wow Wow 0