Snyk Finds 534 Malicious Skills on ClawHub — 36% of All Agent Skills Have Security Flaws
Snyk's ToxicSkills research (Feb 5, 2026) scanned 3,984 skills from ClawHub and skills.sh — the largest corpus of agent skills audited to date. The findings: 5…
Published on MyPrivateClaw
Apr 1, 2026, 7:50 PM UTC
Coverage date
Feb 5, 2026
Last updated
Apr 4, 2026, 5:45 AM UTC
News summary
Snyk security researchers published the first comprehensive security audit of the AI Agent Skills ecosystem on February 5, 2026, scanning 3,984 skills from ClawHub and skills.sh — the largest publicly known corpus of agent skills at the time. The findings were stark: 13.4% of all skills (534 total) contained at least one critical level security issue, including malware distribution, prompt injection attacks, and exposed secrets. Expanding to any severity level, 36.82% of the ecosystem (1,467 skills) had at least one security flaw. The research, collectively named "ToxicSkills," also confirmed 76 malicious payloads through human in the loop review, with 8 of those remaining publicly available on clawhub.ai at time of publication. The attack surface is broad: agent skills are reusable capability packages that instruct AI agents how to interact with tools, APIs, and system resources. Malic…