OpenClaw Tech Briefs

ClawHub Supply Chain Crisis: 575+ CVEs & Malicious Skills

ClawHub Supply Chain Crisis: 575+ CVEs & Malicious Skills

Key Questions

What malicious skills were found on ClawHub?

Five malicious skills were identified, including AMOS infostealers, padded-file evasion, and the first documented agent-driven Solana pump-and-dump. Unit 42 analysis shows 80% of 49,943 skills deviate from declared behavior, with active exploitation of a Langflow flaw also reported.

Which critical CVEs are associated with the ClawHub crisis?

Key vulnerabilities include CVE-2026-53810 (patched), the Four Claw Chain (CVSS 9.6), and CVE-2026-53841 (critical XSS). These issues are compounded by broad filesystem discovery and credential exposure in skills like the DingTalk attendance skill.

What is HalluSquatting and how does it affect OpenClaw?

HalluSquatting exploits AI hallucinations to create botnets, with OpenClaw tests showing 80-100% success rates in repository and skill scenarios. Research confirms this fundamental weakness across models, underscoring the need for provenance vetting before installing community skills.

New article: five malicious skills found including AMOS infostealers, padded-file evasion, and first documented agent-driven Solana pump-and-dump. Unit 42: 80% of 49,943 skills deviate from declared behavior. Active exploitation of Langflow flaw poisoning ClawHub. Critical CVEs: CVE-2026-53810 (patched), Four Claw Chain (CVSS 9.6), CVE-2026-53841 (critical XSS). New defenses: Claw Patrol, Skill Security Auditor, NanoClaw/JFrog immune system. New: security audit of DingTalk attendance skill on ClawHub reveals broad filesystem discovery, credential exposure, mobile-to-userid lookup, and unencrypted local storage — a practical example for skill vetting. New: HalluSquatting research shows AI hallucinations can be exploited to create botnets; OpenClaw explicitly tested with 80-100% hallucination rates in repository/skill scenarios. Another article from a different source confirms with specific success rates. Reinforces need for skill vetting and source verification.

Sources (2)
Updated Jul 12, 2026