Security researchers are warning that the growing ecosystem around ‘OpenClaw,’ the self-hosted AI assistant formerly known as both Clawdbot and Moltbot, has already become a target for malware distribution. According to a report published by OpenSourceMalware, at least 14 malicious “skills” were uploaded to ClawHub between January 27 and 29. These masquerade as crypto trading or wallet automation tools while attempting to deliver malware to users’ systems. The affected skills were hosted on ClawHub, a public registry designed to make it easy for OpenClaw users to find and install third-party extensions. Skills in this ecosystem are not sandboxed scripts but folders of executable code that can interact directly with the local file system and access network resources once installed and enabled.

Full report : OpenSourceMalware: 230+ malicious OpenClaw extensions, posing as crypto trading automation tools to steal user info, were uploaded to ClawHub since January 27.