PSA: If you obtain OpenClaw skills from ClawHub, make sure you perform a security audit on them. You can ask OpenClaw itself to do this (and give the skill link), or you can use a service like SkillSieve – esp if you are engaged in serious implementations. According to their recent paper on arXiv – SkillSieve found 13% of OpenClaw agent skills are malicious. Before you install anything from the hub, just read the permissions it wants as a start – then scan. What's your security hygiene on agent skills? [Translated from EN to English]

→ View original post on X — @scobleizer, 2026-04-10 08:13 UTC