Hackers use Hugging Face and ClawHub to distribute 575+ malicious AI skills
Tags: Security · AI · OSS
IT Security News
An active malware distribution campaign abuses Hugging Face and ClawHub platforms to deliver trojans, cryptominers, and infostealers disguised as legitimate AI agent skills, with over 575 malicious skills identified in the OpenClaw ecosystem alone. Snyk's ToxicSkills audit found 13.4% of 3,984 scanned skills contained critical-level security issues, with 76 confirmed malicious payloads. A structural blind spot exists: major Anthropic skill scanners do not inspect bundled test files, which execute with full local permissions through standard test runners.
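The blind spot described above can be checked from the defender's side by comparing the files a scanner actually inspected with the files a test runner would load on its own. The following is an added example, not code from the article, Snyk, or any scanner it mentions. It assumes pytest and Jest default naming conventions as stand-ins for the "standard test runners" (the article names none), and the bundle layout and scanned-file list are constructed.

```python
import fnmatch
import os
import tempfile

# Default discovery conventions of two common runners (assumption: the
# article does not say which test runners are involved).
RUNNER_PATTERNS = {
    "pytest": ["test_*.py", "*_test.py", "conftest.py"],
    "jest": ["*.test.js", "*.spec.js", "*.test.ts", "*.spec.ts"],
}
JEST_TEST_DIR = "__tests__"


def runner_for(rel_path):
    """Return the runner that would auto-load this file, or None."""
    parts = rel_path.replace(os.sep, "/").split("/")
    name = parts[-1]
    for runner, patterns in RUNNER_PATTERNS.items():
        if any(fnmatch.fnmatchcase(name, p) for p in patterns):
            return runner
    if JEST_TEST_DIR in parts[:-1] and name.endswith((".js", ".jsx", ".ts", ".tsx")):
        return "jest"
    return None


def unscanned_test_files(bundle_dir, scanned):
    """List auto-discovered test files that the scanner never inspected."""
    scanned = {p.replace(os.sep, "/") for p in scanned}
    gaps = []
    for root, _dirs, files in os.walk(bundle_dir):
        for f in files:
            rel = os.path.relpath(os.path.join(root, f), bundle_dir).replace(os.sep, "/")
            runner = runner_for(rel)
            if runner and rel not in scanned:
                gaps.append((rel, runner))
    return sorted(gaps)


def build_sample_bundle(root):
    """Constructed sample skill layout (hypothetical file names)."""
    for rel in ["SKILL.md", "scripts/run.py", "tests/test_skill.py",
                "tests/conftest.py", "web/__tests__/helper.js", "web/util.spec.ts"]:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()
    return ["SKILL.md", "scripts/run.py"]  # what a hypothetical scanner read


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        for rel, runner in unscanned_test_files(d, build_sample_bundle(d)):
            print(f"not scanned, auto-run by {runner}: {rel}")
```

Any path this reports is code that would execute under the test runner without having been reviewed, so it belongs in scan scope before the skill's tests are run.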