Distinguishing Malicious from Vulnerable: 2,354 Popular ClawHub Skills Analysed (trent.ai)

A recent security analysis of 2,354 skill packages from ClawHub, the predominant registry for OpenClaw AI agent skills, has unveiled a significant distinction: over 90% of flagged packages are not outright malicious but are instead insecure. Conducted using the Trent AI OpenClaw Security Assessment Skill, the study compared results with VirusTotal's traditional signature-based detection, finding that while VirusTotal identified primarily suspicious packages, the Trent analysis highlighted a concerning 86% of the packages as vulnerable. This crucial differentiation suggests that the real issue lies not in a plethora of malicious actors but in a widespread lack of secure development practices among creators of AI skills. The implications for the AI/ML community are profound. With 2,025 packages deemed vulnerable due to common design flaws—such as inadequate input validation, plaintext credential storage, and unscoped API access—this analysis points to systemic ecosystem flaws rather than isolated developer mistakes. As these vulnerabilities introduce significant security risks, addressing them requires improving development standards, providing better tools and templates, and fostering a culture of security awareness among developers. The findings underscore the urgent need for enhanced support and frameworks to ensure security is embedded into the design of AI skills from the outset, transforming the development landscape for AI applications.