ClawHub Skill Risk Scanner
Is this skill safe to install?
820+ malicious skills found on ClawHub. Answer 8 questions about any skill you're considering — get an instant risk score and a breakdown of every red flag.
ClawHub Skill Risk Scanner
Answer 8 questions to get an instant risk score.
1.Did you find this skill via a random post or forum link?
2.Does the skill request access to your file system or local files?
3.Does the skill make outbound HTTP/WebSocket calls to external URLs?
4.Does the skill ask for your API keys, tokens, or credentials in its config?
5.Is the skill author unverified or has fewer than 5 published skills?
6.Does the skill's code contain eval(), exec(), or dynamic imports?
7.Has the skill been published or updated in the last 7 days?
8.Did you read the skill's full source code before considering install?
Answer all 8 questions to continue.
The ClawHub malicious skill epidemic
ClawHub's open publishing model means anyone can upload a skill with no code review, no identity verification, and no automated malware scanning. Security researchers identified over 820 malicious skills in early 2026 — including active Atomic macOS info-stealer distribution chains hiding inside legitimate-looking prerequisites. Infection was triggered the moment a user ran the install command shown in the skill's README.
Download count provides no protection — several of the most-installed malicious skills had thousands of installs before removal. New accounts are trivial to create, and ClawHub's ranking algorithm rewards velocity, not trustworthiness. The only reliable defence is reviewing the full source code of every skill before installation, checking the author's complete publication history, and treating every ClawHub skill like a random npm package from an unknown author. Read the ClawHub security checklist on the blog →