The extensions of ‘skills’ or abilities to OpenClaw the open source artificial intelligence (AI) assistant capable of executing all functions within a computer, have covered up a series of malicious software o ‘malware’.
OpenClaw, originally known as Clawdbot and later as Moltbot, gained widespread popularity in a matter of weeks despite the risks involved in giving an AI the ability to execute any task within the computer.
To ‘prompt injection’ type attacks, errors in the interpretation of commands or the deletion of sensitive content, we must add a new threat: extensions with malicious skills.
Malware presence platform OpenSourceMalware has discovered that they were published 28 malicious skills on the ClawHub ‘skills’ platform between January 27 and 29, in addition to 386 malicious extensions uploads between January 31 and February 2.
OpenSourceMalware has explained that these ‘skills’ “impersonate cryptocurrency automation tools and distribute malware that steals crypto asset information,” such as exchange API keys, private wallet keys, browser credentials, or passwords.
1Password’s vice president of product, Jason Miller, has called ClawHub an “attack surface,” where the most downloaded skill was a “Twitter” skill. Miller has commented that when he tried to download it he found links like “here”, “this link”, which seemed normal, but which hid malicious software that stole information from macOSalso affecting browser sessions and cookies, passwords and autocomplete data, tokens and API keys, among others.
Given these security gaps, the creator of OpenClaw, Peter Steinberg, has announced in a message on X (formerly Twitter) that they have incorporated the option of “report skills”with which users can alert about these malicious ‘skills’.
Been spending quite a bit of time making ClawHub more secure; you can now report skills, and only people with a GitHub account that’s not brand-new can upload skills.
This will eventually make this a much more trusted place. https://t.co/NLIVKCGxHR
— Peter Steinberger 🦞 (@steipete) February 2, 2026
Additionally, Steinberg has indicated that only GitHub users (whose account is not newly created) can upload these skills to ClawHub. “Over time, this will make it a much safer place,” he said.
https://www.PetAdsHub.com/588/posts/3/27/1788443.html
https://dantebimj17383.blog5.net/89209586/san-antonio-appliance-repair
https://marcollom30628.atualblog.com/46231733/san-antonio-appliance-repair
https://bestseoonline.bookmarking.info/story/san-antonio-appliance-repair
https://ask-dir.org/San-Antonio-Appliance-Repair_375921.html
http://nationpromoted.com/directory/listingdisplay.aspx?lid=79323
https://freeweblink.org/details.php?id=313811
https://toptendir.net/San-Antonio-Appliance-Repair_350608.html
https://raymondmewm83603.activoblog.com/48728801/san-antonio-appliance-repair
https://collinrzbz56789.isblog.net/san-antonio-appliance-repair-56710063
https://www.virtualmallspace.com/professional-services/san-antonio-appliance-repair
https://marcouroj55444.mybuzzblog.com/19649895/san-antonio-appliance-repair
http://businessespromoted.com/directory/listingdisplay.aspx?lid=40837
https://PostQuickAds.com/588/posts/3/27/1954545.html
http://usastorefronts.com/directory/listingdisplay.aspx?lid=66893
http://nationfeatured.com/directory/listingdisplay.aspx?lid=83674
https://laneqvad96395.verybigblog.com/38515134/san-antonio-appliance-repair
https://codereview.stackexchange.com/users/296768/san-antonio-appliance-repair?tab=profile
https://andersonisis83827.widblog.com/94430747/san-antonio-appliance-repair
http://localorganized.com/directory/listingdisplay.aspx?lid=57026
https://www.iformative.com/product/san-antonio-appliance-repair-p2937376.html
http://statezz.com/directory/listingdisplay.aspx?lid=51622
http://localzzhq.com/directory/listingdisplay.aspx?lid=114213
https://www.ehbact.com/business-professional-services/san-antonio-appliance-repair
https://azure-directory.com/gosearch.php?q=https%3A%2F%2Fsanantonioappliance.repair&x=0&y=0