OpenClaw is an AI-powered automation framework with a plugin "skills" marketplace that creates a substantial supply-chain attack surface when user-installable modules run with broad system permissions. Flare's analysis highlights confirmed issues such as CVE-2026-25253 and numerous poisoned skills enabling credential theft and remote code execution, while current underground discussion is driven more by research amplification and hype than by mass criminal operationalization. #OpenClaw #ClawHub
Keypoints
- OpenClaw is an agentic automation framework that runs modular skills from a centralized marketplace.
- Researchers confirmed critical flaws including CVE-2026-25253 enabling one-click remote code execution.
- Skills execute without sandboxing, allowing credential theft and system access when abused.
- Hundreds of poisoned skills have been identified, indicating a clear supply-chain poisoning risk.
- Underground mentions are high but currently reflect early-stage experimentation and research, not large-scale criminalization.