Slow Fog: ClawHub is gradually becoming a new target for attackers to implement supply chain poisoning

According to SlowMist's monitoring, the official plugin center ClawHub of the open-source AI Agent project OpenClaw is gradually becoming a new target for attackers to implement supply chain poisoning.

Due to the platform's lack of a comprehensive and strict review mechanism, a large number of malicious skills have already infiltrated, being used to spread malicious code or deliver harmful content, posing potential security risks to developers and users. According to a report by Koi Security, 341 malicious skills were identified in a scan of 2,857 skills, reflecting a typical "plugin/extension market supply chain poisoning" pattern.

SlowMist advises not to treat the "installation steps" in SKILL.md as a trusted source; any command that requires copying and pasting should be audited first; be wary of prompts that "require entering the system password/granting accessibility/system settings," as these are often points of risk escalation; prioritize obtaining dependencies and tools from official channels to avoid executing installation scripts from unknown sources.