深潮TechFlow|Feb 09, 2026 02:56
[SlowMist: ClawHub Gradually Becoming a New Target for Supply Chain Poisoning by Attackers]
Deep Tide TechFlow reports, on February 9th, the SlowMist security team discovered that the plugin center ClawHub of the open-source AI Agent project OpenClaw is undergoing large-scale supply chain poisoning attacks. Attackers disguise the 'dependency installation/initialization' steps in the SKILL.md file, using Base64 encoding to hide malicious commands and execute a 'two-stage' attack chain. Security scans have identified 341 malicious skills, which can phish user passwords, collect host information and documents, and upload data to the attackers' servers. The related malicious infrastructure is linked to the Poseidon hacker group.
Protection recommendations:
- Audit all 'installation steps' in SKILL.md
- Be cautious of prompts requesting system password input
- Only obtain dependencies and tools from official channels
SlowMist has issued warnings to clients via the MistEye system, involving 472 malicious skills and associated IOCs.
Share To
HotFlash
APP
X
Telegram
CopyLink