AgentsOpenClaw Supply Chain Crisis 800 Malicious Skills ClawHavocTrend Micro·high signal800+ malicious skills on ClawHub (20% of registry). ClawHavoc planted 1184+ skills distributing Atomic Stealer. 135K exposed instances. 15K vulnerable to RCE.SourceSource pageTrend Micro↳ Follow the threadPolicy dependency / Stack layerIAPS warns on Kimi Claw: security and governance risks of Chinese-hosted 'always-on' AI agentsIAPSStack layer / Threat patternMalicious agent skills evade every scanner: HKUST's SkillCloak beats detectors 90%+ of the time, SkillDetonate catches 97%Help Net SecurityStack layer / Threat patternsickn33/agentic-awesome-skills Hits 1,900+ Installable Agent Skills — and an Installer CLI to MatchGitHubStack layer / Threat patternOpenClaw ships broad July 6 platform update: GPT-5.6 support, external harness attach, hardened provider I/OReleasebotStack layer / Threat patternCodeTracer Performs Forensic Attribution of Backdoored Code CompletionsarXivThreat pattern / Follow-up threadClawHavoc campaign plants 300+ malicious skills on a single marketplace to run infostealersUnit 42 (Palo Alto Networks)Stack layer / Threat patternClaude Cowork Sandbox-Escape Chain Reportedly Escalates Local Code Execution to RootCyberdessertsPolicy dependency / Stack layerKastra Launches Policy Enforcement for Claude Code, Cursor, and CodexHacker News