AgentsOpenClaw Supply Chain Crisis 800 Malicious Skills ClawHavocTrend Micro·high signal800+ malicious skills on ClawHub (20% of registry). ClawHavoc planted 1184+ skills distributing Atomic Stealer. 135K exposed instances. 15K vulnerable to RCE.SourceSource pageTrend Micro↳ Follow the threadPolicy dependency / Stack layerIAPS warns on Kimi Claw: security and governance risks of Chinese-hosted 'always-on' AI agentsIAPSStack layer / Threat patternMalicious agent skills evade every scanner: HKUST's SkillCloak beats detectors 90%+ of the time, SkillDetonate catches 97%Help Net SecurityStack layer / Threat patternsickn33/agentic-awesome-skills Hits 1,900+ Installable Agent Skills — and an Installer CLI to MatchGitHubStack layer / Threat patternOpenClaw ships broad July 6 platform update: GPT-5.6 support, external harness attach, hardened provider I/OReleasebotStack layer / Threat patternCodeTracer Performs Forensic Attribution of Backdoored Code CompletionsarXivThreat pattern / Follow-up threadClawHavoc campaign plants 300+ malicious skills on a single marketplace to run infostealersUnit 42 (Palo Alto Networks)Stack layer / Threat patternUnit 42: AI-agent npm packages become a prime supply-chain target in H1 2026Unit 42 (Palo Alto Networks)Stack layer / Threat patternGhostApproval: symlink flaw turns human-in-the-loop into a rubber stamp across 6 coding agentsCyber Security News