Bitdefender reveals how easy it is for threat actors to abuse the OpenClaw skills ecosystem. Based on research carried out by the cybersecurity firm, the company shows that 17% of the OpenClaw skills analyzed during the first week of February were all malicious.
Additionally, the company announces that it has created a free AI skills checker designed to help users quickly assess whether an AI skill may pose a risk before installing or running it.
Malicious capabilities of OpenClaw skills
OpenClaw is an open source project that has attracted a large number of developers for its capabilities. It works as an execution engine capable of activating workflows, interacting with online services, managing accounts and operating on different devices through chat and messaging interfaces. Everything it does is based on modular “skills”, which are, in fact, small pieces of code that define what the AI can execute on behalf of the user. It can be considered a toolbox for automation, especially popular in crypto-focused workflows.
Bitdefender now shows how easily threat actors abuse the OpenClaw skills ecosystem. The main conclusions of this research include:
• 17% of OpenClaw skills analyzed during the first week of February show malicious behavior.
• 54% of identified malicious skills are related to cryptography, making it by far the most abused category.
• At least three different skills have distributed AMOS Stealer on macOS, with payloads downloaded from URLs associated with the 91.92.242.30 domain.
Bitdefender warns of the ease with which threat actors abuse the OpenClaw ecosystem
Beyond the risk to the user, the threat is expanding. According to research conducted by Bitdefender, OpenClaw has increased its presence in corporate environments, with hundreds of cases detected.
