
386 Malicious Skills: How ClawMoat's Skill Audit Would Have Caught Them
This week, security researcher Paul McCarty published findings documenting 386 malicious OpenClaw skills discovered in the wild. Combined with 40,000+ exposed instances, CVE-2026-25253, and 6 new CVEs patched this week, the OpenClaw ecosystem is in full crisis mode.

The question everyone's asking: how do you know if a skill you installed is safe? Short answer: you don't — unless you audit it. That's exactly what ClawMoat's supply-chain scanner does.

- 386 malicious skills found
- 19 detection patterns
- 4 severity levels
- <2s full scan time

The Attack Surface: What These Skills Actually Do

OpenClaw skills are directories containing SKILL.md files and scripts (shell, Python, JavaScript) that agents execute with the user's full permissions. There's no sandbox. No permission model. No signature verification. When you install a skill from a community repo or copy one from a tutorial, you're giving that code:

- Full filesystem access (including ~/.ssh, ~/.aws, .env files)
- Network access (exfiltra



