← Back to dashboard
clawsmith.com/claw/snyk-toxicskills-1467-malicious-clawhub-prompt-injection
IssueCompetitiveLive

Snyk ToxicSkills: 36% of ClawHub Skills Have Prompt Injection, 1,467 Malicious Payloads

Snyk scanned 3,984 ClawHub skills and found 1,467 malicious payloads. 36% of all skills contain detectable prompt injection. 91% of confirmed malicious samples combine prompt injection with traditional malware.

Virality Score
5,000
across 3 platforms

Score Breakdown

HN
2,500
Reddit
2,000
X
500

Social Proof 2 sources

HN
Snyk ToxicSkills: 36% of ClawHub skills have prompt injection
2/5/2026
2,450RD
1467 malicious skills, 36% prompt injection — Snyk audit
2/6/2026
2,350

Gap Assessment

CompetitiveMarket has established players

Snyk ToxicSkills Scanner, VirusTotal integration, and SecureClaw all address this space. Competitive.

Details
Signalissue
Ecosystem
Sources2
Platforms3
Updated2d ago
Trend→ stable
Related signals
92.8kAgents of Chaos: 38 Researchers Deploy 6 OpenClaw Agents — 11 Critical Failure Patterns in 14 Days35.6kCapability Evolver — #1 ClawHub Skill (35K Downloads) Caught Exfiltrating Data to ByteDance Feishu18.3kChina Bans OpenClaw from Government Computers and Banks — CERT Warns 'Extremely Weak Security'