HomeIntelligenceBrief
BREACH BRIEF🟠 High ThreatIntel

Malicious Packages Discovered in OpenClaw’s ClawHub AI Skills Marketplace

OpenClaw removed five malicious AI‑skill packages from its ClawHub marketplace after they evaded security checks and contained infostealers. The incident highlights supply‑chain risk and the need for robust vendor‑management controls in SOC 2 audits.

LiveThreat™ Intelligence · 📅 June 25, 2026· 📰 darkreading.com
🟠
Severity
High
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
3 recommended
📰
Source
darkreading.com

Malicious Packages Discovered in OpenClaw’s ClawHub AI Skills Marketplace

What Happened — OpenClaw’s ClawHub marketplace removed five AI‑skill packages that had evaded the platform’s security checks. The packages contained infostealers and other malicious payloads, posing a direct threat to downstream AI model developers who might have integrated them.

Why It Matters for Compliance & Audit Readiness

  • This scenario exemplifies a supply‑chain risk that SOC 2 vendor‑management controls are designed to detect, assess, and continuously monitor.
  • Demonstrating due‑diligence over third‑party code repositories (evidence of security‑gate reviews, remediation, and ongoing monitoring) is essential audit evidence for the CC6.1 “Vendor Management” control.
  • Continuous evidence collection on marketplace vetting processes helps maintain a defensible audit trail should a regulator or customer request proof of risk mitigation.

Who Is Affected — AI‑focused SaaS providers, ML model developers, and any organization that consumes third‑party AI skills or plugins.

Recommended Actions

  • Map the marketplace vetting process to SOC 2 CC6.1 controls and capture evidence of each security‑gate step.
  • Implement automated monitoring of third‑party code repositories for known malicious signatures and anomalous behavior.
  • Conduct a rapid risk assessment of any already‑deployed ClawHub skills and remediate compromised environments.

Technical Notes – The malicious packages bypassed ClawHub’s static analysis checks, delivering infostealers that could exfiltrate credentials and data. No public CVE is associated; the threat vector is a supply‑chain dependency on unvetted third‑party code. Source: Dark Reading

📰 Original Source
https://www.darkreading.com/cyber-risk/malicious-openclaw-skills-clawhub-threaten-ai-supply-chain

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Vendor Risk Hub

Point-in-time vendor reviews miss incidents like this.

Verisq AI Trust Operations replaces the annual questionnaire with continuous third-party monitoring — so vendor exposure becomes audit evidence, not a once-a-year guess.

See how Verisq AI Trust Operations works →