Writing on the @1Password blog, Jason Meller says that he found that the top downloaded OpenClaw skill was a malware delivery vehicle:
While browsing ClawHub (I won t link it for obvious reasons), I noticed the top downloaded skill at the time was a Twitter skill. It looked normal: description, intended use, an overview, the kind of thing you d expect to install without a second thought.
But the very first thing it did was introduce a required dependency named openclaw-core, along with platform-specific install steps. Those steps included convenient links ( here , this link ) that appeared to be normal documentation pointers.
