Concept
ClawHavoc
The early-2026 supply-chain attack on the OpenClaw ecosystem: typosquatted malicious AgentSkills published to ClawHub. The incident drove ClawHub’s VirusTotal scanning partnership and a broader reckoning over agent-skill provenance.
/Key Facts
- Type
- Supply-chain attack
- Vector
- Typosquatted skills on ClawHub
- Period
- Early 2026
- Aftermath
- ClawHub × VirusTotal scanning