Claw Hub / Security / ClawHavoc Incident

The ClawHavoc Incident: Claw Hub Security Alert for OpenClaw Hub

A detailed analysis of the February 2026 security incident that affected Claw Hub, revealing 341 malicious skills and leading to major security improvements for the OpenClaw hub ecosystem.

🚀 Deploy Your OpenClaw Bot in Minutes

Professional OpenClaw AI Bot hosting by AiBotClaw.com — Skip the setup, get 7×24 operation with automatic updates

One-click deployment
24/7 uptime monitoring
Auto security updates
Professional support
⬡ Instant access to all 3,286 ClawHub skills
Start Hosting →
From $16.99/mo
annual billing
⚠️
Security Incident Resolved

This incident occurred in February 2026. Claw Hub has since implemented enhanced security measures including VirusTotal integration and improved moderation. The information below is provided for educational purposes and historical record.

ClawHavoc Incident Overview

Key statistics from the Claw Hub security incident

341
Malicious Skills Found
283
Skills with Flaws (7.1%)
2,419
Skills Removed
5,705→3,286
Total Skills Change

Attack Methods Used Against Claw Hub Users

How malicious actors exploited the OpenClaw hub skill ecosystem

🎭 Fake Prerequisites

Malicious skills used deceptive prerequisite requirements to trick OpenClaw hub users into downloading malware disguised as necessary dependencies.

💾 Atomic Stealer Malware

The primary payload was Atomic Stealer, a sophisticated information-stealing malware targeting credentials and sensitive data from infected systems.

🔐 Credential Theft

Attackers targeted authentication credentials, API keys, and session tokens stored on macOS and Windows systems running OpenClaw hub.

🖥️ Cross-Platform Targets

Both macOS and Windows users of OpenClaw hub were affected. The malware was designed to operate across different operating systems.

📊 Data Exfiltration

Stolen data was transmitted to attacker-controlled servers, potentially including cryptocurrency wallets, browser data, and development secrets.

🔓 Open Platform Exploit

Claw Hub's open nature allowed anyone with a week-old GitHub account to upload skills, which attackers exploited to distribute malware.

ClawHavoc Incident Timeline

Key events from discovery to recovery in the Claw Hub security incident

Early February 2026

Discovery Phase

Security researchers discovered 341 malicious Claw Hub skills designed to steal data from OpenClaw hub users. Additional analysis revealed 283 skills with serious security vulnerabilities, representing 7.1% of all skills at the time.

February 2026

Immediate Claw Hub Response

Peter Steinberger and the Claw Hub team began removing suspicious and malicious skills. Approximately 2,419 skills were removed or hidden, reducing the total from 5,705 to 3,286 skills.

February 7, 2026

VirusTotal Partnership Announced

Claw Hub officially partnered with VirusTotal to provide automatic malware scanning for all skills. New and existing skills would undergo security scanning to detect malicious code.

February 2026

Enhanced Moderation System

Implemented automatic hiding of skills receiving 3+ independent user reports. Added user reporting system and improved审核 mechanisms for Claw Hub.

Post-Incident

Ongoing Security Improvements

Claw Hub continued to strengthen security measures, educate users about safe skill installation, and work with the security community to prevent future incidents in the OpenClaw hub ecosystem.

Claw Hub Security Response Measures

How Claw Hub improved security for OpenClaw hub users

✓ Removed 2,419 Skills

Claw Hub removed approximately 2,419 suspicious or malicious skills, reducing the marketplace from 5,705 to 3,286 skills to protect OpenClaw hub users.

✓ VirusTotal Integration

Partnership with VirusTotal provides automatic malware scanning for all skills uploaded to Claw Hub, helping detect malicious code before it reaches users.

✓ Auto-Hide System

Skills receiving 3 or more independent user reports are automatically hidden from Claw Hub, providing community-driven security for OpenClaw hub.

✓ Enhanced Moderation

Improved审核 mechanisms and dedicated moderation team to review flagged skills and investigate potential security threats in Claw Hub.

✓ User Reporting System

Enabled users to easily report suspicious skills, empowering the OpenClaw hub community to help identify security threats quickly.

✓ Security Education

Increased efforts to educate OpenClaw hub users about safe skill installation practices and warning signs of potentially malicious skills.

Academic Research and Criticism

Security concerns raised by researchers about Claw Hub and OpenClaw hub

🎓 Northeastern University Research

Researchers from Northeastern University conducted analysis of the Claw Hub ecosystem and characterized it as a "privacy nightmare" due to insufficient security review mechanisms for AI agent skills.

The academic research highlighted several critical concerns:

  • ! Insufficient code review for uploaded skills
  • ! Lack of permission controls for skill capabilities
  • ! Open platform allowing rapid malware distribution
  • ! Need for stricter security mechanisms in AI agent ecosystems

ClawHavoc News Coverage

Reports from major security news sources about the Claw Hub incident

The Hacker News

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

Comprehensive coverage of the ClawHavoc discovery and its implications for OpenClaw hub security.
SC Media

OpenClaw Agents Targeted with 341 Malicious ClawHub Skills

Security analysis of the attack methods used against OpenClaw hub users through Claw Hub.
VirusTotal Blog

From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized

Technical deep-dive into the malware distribution methods and VirusTotal's role in securing Claw Hub.
Koi.ai

ClawHavoc: 341 Malicious Skills Found by the Bot They Were Targeting

Unique perspective on how the malicious skills were discovered through AI-powered security research.
CrowdStrike

What Security Teams Need to Know About OpenClaw, the AI Super Agent

Enterprise security guidance for organizations using OpenClaw hub and Claw Hub skills.

Lessons Learned from ClawHavoc

Key takeaways for Claw Hub users and the OpenClaw hub community

Security Best Practices for OpenClaw Hub Users

  • Always verify skill downloads, stars, and community feedback before installing from Claw Hub
  • Review SKILL.md code and execution logic to understand what a skill does
  • Check for VirusTotal scan results on skills published after February 2026
  • Be cautious of skills requesting unusual prerequisites or permissions
  • Report suspicious skills immediately to help protect the OpenClaw hub community
  • Keep your OpenClaw hub installation and installed skills updated
  • Use separate credentials and API keys for development environments
  • Monitor your systems for unusual activity after installing new skills

Stay Safe When Using Claw Hub Skills

Learn comprehensive security practices for safely installing and using skills from Claw Hub in your OpenClaw hub projects.

Read Security Guide → Installation Guide