OpenClaw, a widely adopted AI agent ecosystem with a skill marketplace called ClawHub, is being actively abused by attackers who publish malicious skills containing embedded shell commands or harmful natural-language instructions. Approximately 530 vulnerabilities have been discovered in OpenClaw and its underlying technologies, many involving sensitive data storage and excessive privileges. Kaspersky identified over 600 malicious skills from 24 accounts in April, with 1,100+ malicious accounts created since January. Malicious skills observed include macOS payloads using base64-encoded curl-pipe-to-bash execution and Windows MSI installers distributed via password-protected ZIP archives.