OpenClaw ClawHub Under Attack: 341 Malicious Plugins Expose Supply Chain Risks
The post OpenClaw ClawHub Under Attack: 341 Malicious Plugins Expose Supply Chain Risks appeared first on Coinpedia Fintech News
OpenClaw’s fast-growing plugin store, ClawHub, is under security spotlight after blockchain security firm SlowMist uncovered a large batch of malicious skills on the platform.
The finding points to weak review checks that allowed hidden, harmful code to spread through developer tools.
OpenClaw ClawHub Plugin Faces Supply Chain Attack RiskSlowMist revealed that OpenClaw’s official plugin hub, known as ClawHub, has become a new target for supply chain-style attacks. The platform recently gained rapid popularity among AI agent developers, but its plugin screening process did not keep pace with growth.
Because plugin reviews were not strict enough, attackers were able to publish many dangerous skills that looked useful on the surface but carried hidden risks.
SlowMist teams say this type of attack is especially risky because developers often trust official plugin centers and follow installation steps without deep inspection.
