
Methodology
AI agents are running third-party code on your machine. Last week, Anthropic announced extra charges for OpenClaw support in Claude Code, drawing fresh attention to the ecosystem. We wanted to answer a straightforward question: how safe are the most popular OpenClaw skills?

We used AgentGraph's open-source security scanner to analyze 25 popular OpenClaw skill repositories from GitHub. The scanner inspects source code for:

- Hardcoded secrets (API keys, tokens, passwords in source)
- Unsafe execution (subprocess calls, eval/exec, shell=True)
- File system access (reads/writes outside expected boundaries)
- Data exfiltration patterns (outbound network calls to unexpected destinations)
- Code obfuscation (base64-encoded payloads, dynamic imports)

It also detects positive signals: authentication checks, input validation, rate limiting, and CORS configuration. Each repo receives a trust score from 0 to 100.

Results Summary

All 25 repositories scanned successfully. The aggregate numbers:

Metric Value
