I just found out something quite concerning about ClawHub, the skills marketplace of OpenClaw. Researchers from Awesome Agents discovered that the platform was targeted by a massive supply chain attack, with no less than 1,184 malicious skills confirmed. We're talking about a single attacker who managed to upload 677 malicious packages, representing 57% of the total contamination.

What’s most striking is the scale of the problem. Over 135,000 exposed instances of OpenClaw are spread across 82 countries. And if that weren’t enough, 36.8% of the skills available on ClawHub have at least one security vulnerability. It’s no small matter.

These malicious skills are designed to steal almost everything: SSH keys, cryptocurrency wallets, browser passwords, and even activate reverse shells. They use social engineering techniques like ClickFix and prompt injection to deceive both users and AI agents.

The most notorious case is the skill called 'What Would Elon Do,' which reached the top spot with 4,000 fake downloads. It turns out it had 9 vulnerabilities, two of them critical. Quite alarming, honestly.

The good news is that OpenClaw moved quickly and collaborated with VirusTotal to scan all the skills on the platform. VirusTotal was key in identifying and verifying the extent of these threats. They have also been systematically removing malicious listings.

If you used any skill from ClawHub, experts recommend not to wait any longer: change all your credentials, revoke your API keys, and review your security settings. It’s not paranoia, it’s basic caution. VirusTotal and other security analysis tools can help you verify if something in your system has been compromised. Now is the time to review what you’re installing and where you’re getting it from.