criticalSkill·

AGS-2026-0007

ClawHavoc — 341 malicious skills discovered in the ClawHub registry (Feb 2026)

What happened

In February 2026, ClawHub disclosed an incident dubbed ClawHavoc in which 341 malicious skills were found in the registry. This followed a coordinated campaign documented by OpenSourceMalware.com in which 30+ malicious skills were distributed across Claude Code and OpenClaw users.

Tactics

  • Typo-squatting on popular skill names.
  • Skills that look benign in description but contain hidden instructions in SKILL.md asking the agent to read env vars and POST them to a webhook.
  • Skills that ask the agent to install a follow-on package as a 'dependency'.

Self-check

AgentGuard subscribers receive this advisory automatically and their local guard runs the inspection below.

References