Security researchers have discovered a troubling trend: malicious AI skills are being uploaded to OpenClaw in droves, with hundreds of variations posing as legitimate plugins. The attackers are capitalizing on OpenClaw's growing popularity to distribute malware under the guise of helpful AI capabilities.
How the Malware Works
The malware-infested skills typically promise popular features like code generators, data analysis tools, or productivity boosters. Once installed, they execute arbitrary code, steal credentials, or exfiltrate data from the victim's environment. The attackers have cleverly packaged these malicious payloads to blend in with legitimate OpenClaw extensions.
The Attack Vector
OpenClaw's skill marketplace allows users to install external AI capabilities, but the review process has been bypassed by sophisticated attackers. They create skill packages that appear legitimate at first glance, often using similar naming conventions and descriptions to genuine tools.
Protection Strategies
Users should only install skills from trusted sources and verify the publisher's reputation. OpenClaw is working on improving its review process and implementing stricter vetting mechanisms to prevent malicious extensions from reaching users.
The Bottom Line
The OpenClaw ecosystem is growing rapidly, but security researchers warn that attackers are following the money. As OpenClaw gains popularity, malicious actors will continue creating fake skills to exploit users. The solution isn't to stop using AI skillsβit's to be more vigilant about what you install.