Black & White Path

Feb 14, 2026 · Information Security

OpenClaw Becomes New Supply‑Chain Poisoning Target: 341 Malicious Skills Steal User Data

Security researchers discovered that the open‑source AI agent platform OpenClaw’s ClawHub marketplace has been compromised by 341 malicious Skills modules that embed two‑stage payloads, steal user files, and expose a supply‑chain poisoning campaign with detailed IOCs.