Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

A security audit of ClawHub skills revealed 341 malicious skills designed to steal data from OpenClaw users, with 335 of them using fake prerequisites to install a macOS stealer named Atomic Stealer (AMOS), codenamed ClawHavoc. OpenClaw’s creator has since implemented a reporting feature to help mitigate the issue of malicious skills being uploaded to the platform.