Five OpenClaw Marketplace Skills Removed After Security Controls Were Bypassed

OpenClaw has taken down five skills from its ClawHub marketplace after determining that the packages had slipped past security checks despite carrying infostealers and other malicious components. The...

OpenClaw has taken down five skills from its ClawHub marketplace after determining that the packages had slipped past security checks despite carrying infostealers and other malicious components. The removal highlights the growing challenge of keeping AI tool ecosystems safe as attackers look for ways to distribute harmful code through trusted software channels.

According to the report, the affected listings were able to evade the platform's screening process before being discovered and pulled. While the company did not detail every technique used to bypass the controls, the incident suggests that marketplace defenses remain a target for threat actors seeking to reach users who may assume downloadable skills have already been vetted.

Cases like this are drawing increasing attention because AI marketplaces are becoming part of the broader software supply chain. As organizations adopt third-party skills, plugins, and agents to extend AI systems, each new dependency can introduce risk if the package review process is incomplete or can be manipulated. Malicious submissions may be designed to steal credentials, harvest data, or create a foothold for later compromise.

Why it matters

  • Marketplace vetting can be bypassed even when security checks are in place.
  • Infostealers remain a common tool for stealing sensitive information from victims.
  • AI ecosystems are becoming attractive distribution points for supply chain attacks.
  • Organizations should review third-party AI add-ons as carefully as any other software dependency.

The incident serves as a reminder that AI supply chain security is no longer limited to model training data or cloud infrastructure. The ecosystem around AI applications, including downloadable skills and integrations, is now part of the attack surface and needs the same level of scrutiny as traditional software repositories.