Hold
The largest community skill registry (~5,700 skills) — but the ClawHavoc breach shattered trust.
Why It Matters
clawhub.ai was the go-to community marketplace for OpenClaw skills. Then came ClawHavoc in early 2026: security researchers found hundreds of malicious skills, with 7.1% leaking API keys. The incident was a wake-up call for the entire skills ecosystem. ClawHub has since added VirusTotal integration for hash checking, but trust is rebuilt slowly.
Strengths
- Largest community catalog at ~5,700 skills — sheer volume is unmatched
- Post-incident security improvements (VirusTotal hash scanning) show responsiveness
- Active community that continues to contribute despite the breach
Limitations
- The ClawHavoc incident is recent and trust recovery is ongoing — vet every skill manually
- 7.1% API key leakage rate means historical installs may still be compromised
- Hash-based scanning catches known threats but misses novel prompt injection attacks
- Hold rating: do not adopt until the security posture is independently audited
Risks
- ClawHavoc was catastrophic: hundreds of malicious skills ran in production agents, exfiltrating API keys, injecting prompts, and compromising user systems
- 7.1% is not a small number — that's 1 in 14 skills actively stealing credentials
- VirusTotal hash checking is a band-aid, not a fix; it detects known malware signatures, not the novel prompt injection techniques that caused ClawHavoc
- The incident demonstrated that community-driven skill marketplaces without mandatory security review are fundamentally unsafe for production use
- Trust takes years to build and seconds to destroy — ClawHub's brand may never fully recover