On February 20, a security alert was issued by SlowMist founder Yu Xian regarding the discovery of 1,184 malicious skills in the OpenClaw's ClawHub marketplace. According to BlockBeats, these skills are capable of stealing SSH keys, encrypting wallets, accessing browser passwords, and opening reverse shells. A single attacker has uploaded 677 packages, with the top-ranked skill containing nine vulnerabilities and thousands of downloads.
Yu Xian cautioned users that text has evolved into commands, advising the use of AI tools within isolated environments due to potential risks associated with many OpenClaw skills. He emphasized that in Web3 security, contracts are only a part of the equation, and the root causes of incidents extend beyond contracts. Recently, Moonwell suffered a theft of $1.78 million, attributed to defective code from Co-Authored-By: Claude Opus 4.6.