Bitdefender warns: 17% of OpenClaw AI skills carry malware

Bitdefender: 17% of OpenClaw AI skills are malicious

By Nayan Savaliya • February 8, 2026

Bitdefender says 17% of OpenClaw AI skills act maliciously. Crypto-focused tools are spreading macOS infostealers into corporate networks — act now.

Bitdefender reports 17% of OpenClaw AI skills behave maliciously.
Crypto-focused skills are distributing macOS infostealers into corporate networks.
The finding highlights supply‑chain risk from AI skill marketplaces.
Organisations must vet, restrict and monitor AI skills to limit exposure.

What Bitdefender found

Bitdefender’s analysis identified that roughly 17% of skills in the OpenClaw AI marketplace exhibit malicious behaviour. The company says several of those skills — particularly ones tied to cryptocurrency workflows — have been used to spread macOS infostealers into corporate environments. Those infostealers can harvest credentials and sensitive data from infected Macs, creating a pathway for wider network compromise.

Why this matters

Malicious AI skills change the threat landscape in two key ways. First, they turn a convenience layer — small, specialised tools users enable to speed tasks — into a potential attack vector. Second, because skills are often shared or adopted quickly, a single malicious skill can reach many organisations before detection.

The use of crypto-focused skills is noteworthy because these workflows tend to request or process wallet credentials, exchange APIs and other high-risk data. When combined with macOS‑targeting infostealers, the result is targeted data theft that can jump from individual machines into corporate systems.

Practical steps for organisations

Given the risk outlined by Bitdefender, security teams should treat AI skill marketplaces like any third‑party software source. Practical steps include:

Restrict skill installation: Limit who can enable skills and require administrative approval for new additions.
Vet skills before use: Check developer reputation, reviews, and any available code or behaviour analysis. Avoid unverified or low‑transparency skills.
Harden endpoints: Ensure macOS devices run current patches, use endpoint detection and response (EDR), and have anti‑malware capable of detecting infostealers.
Monitor for unusual activity: Watch for credential exfiltration, unexpected network connections, and abnormal use of crypto-related APIs.
Apply least privilege: Reduce the data and system access skills can reach; use vaults or secure credential stores rather than pasting passwords.

What organisations should watch next

Expect increased scrutiny of AI marketplaces and calls for stronger publisher verification and runtime controls. Vendors and platform operators will likely accelerate safety checks, but until marketplaces build robust governance, security teams must assume some skills are risky and adopt defensive controls.

If your organisation uses OpenClaw or similar AI marketplaces, treat Bitdefender’s findings as a warning: review installed skills, tighten controls, and update endpoint protections. Rapid adoption of AI capabilities can boost productivity — but unchecked, it can also create a fast, stealthy route for malware into corporate networks.

Image Referance: https://securitybrief.com.au/story/bitdefender-warns-openclaw-ai-skills-rife-with-malware