Agents
Mitiga Research: Malicious AI Agent Skills Enable Silent Full-Codebase Exfiltration With No Audit Trail
Mitiga Labs demonstrated how a single one-click skill install can silently copy an entire codebase, add an adversary's remote, and push via git — completing before any audit trail is written and appearing as legitimate agent activity. The attack surface is large: Anthropic skills launched in December 2025 and within 3 months the top skill had 200K+ downloads, with ToxicSkills research separately finding 36% of ClawHub skills contain active security flaws. No jailbreak or user interaction required after install.
Source
↳ Follow the thread