Skills.sh scanner blind spot for externally linked AI agent skills
Security Tool/Service
Summary
Security scanners for AI agent skills, including those wired into skills.sh, cleared a fake skill that hid its real payload behind stitch-design.ai, exposing a vetting gap that can let post-review instructions slip through. The skill, brand-landingpage, was pushed through a marketplace and an Instagram ad. A clean scan at install time did not guarantee a safe skill afterward because the linked content could change later.
Related Happenings
Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign
Campaign
H score: 30
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...
Google Antigravity prompt-injection fix
Security Patch Release
H score: 31
First: 21.04.2026 13:52
Last: 21.04.2026 13:52
Sources 1
About this happening:
**Google** fixed **Antigravity**'s **prompt injection flaw** in **February**, closing a path that could lead to **sandbox escape** and **remote code execution (RCE)**. The patch f...
Anthropic launches Project Glasswing with Claude Mythos for vulnerability discovery
Security Tool/Service
H score: 58
First: 08.04.2026 12:16
Last: 08.04.2026 12:16
Sources 1
About this happening:
**Anthropic’s Project Glasswing** is now showing measurable results: since launching last month, the **Claude Mythos Preview**-based initiative has uncovered **more than 10,000**...
Latest development: 03.06.2026 14:00
President Donald Trump signed a June 2 executive order that sets up a voluntary framework for developers of covered frontier models to give the US government access for cybersecurity review for up to 30 days before release, while expressly rejecting any mandatory licensing or preclearance requirement. The order directs NSA, CISA, and NIST to build a classified benchmark for determining which models cross the covered threshold and creates an AI cybersecurity clearinghouse led by the Treasury Department. The framework closely echoes Anthropic's Project Glasswing, which gives vetted partners early access to Claude Mythos Preview to scan critical software for vulnerabilities.
VirusTotal Code Insight scanning for OpenClaw ClawHub skills
Security Tool/Service
H score: 35
First: 08.02.2026 09:32
Last: 08.02.2026 09:32
Sources 1
About this happening:
**OpenClaw** has added **VirusTotal Code Insight** scanning for **ClawHub** skill uploads, changing how new skills are vetted before publication. **Benign** bundles are approved a...
OpenClaw skills delivering infostealer malware to macOS and Windows systems
Malware Activity
H score: 30
First: 03.02.2026 18:30
Last: 03.02.2026 18:30
Sources 1
About this happening:
Researchers identified **386 malicious OpenClaw skills** that pose an active infostealer risk to **macOS** and **Windows** users. The skills impersonate crypto-trading automation...
Timeline
- 23.06.2026 18:16 · 2 articles
Fake AI agent skill bypasses scanners and reaches roughly 26,000 agents
Initial Disclosure
Security firm AIR says its fake AI agent skill brand-landingpage passed package-only scanners from Cisco, NVIDIA, and skills.sh, then spread through a popular skill marketplace and an Instagram ad aimed at marketers, salespeople, and designers. AIR says the skill used an external stitch-design.ai link tied to Google's Stitch setup flow so the submitted SKILL.md and shipped files looked clean while the linked page could be rewritten after review, and that the demo ultimately reached roughly 26,000 agents including some on corporate accounts.
Sources
- Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents — thehackernews.com — 23.06.2026 18:16
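The gap described above (a clean SKILL.md whose linked page can change after review) can be closed on the consumer side by pinning linked content at review time and re-checking it at load time. The following is an added example, not code from AIR, skills.sh, or any scanner named on this page; the function names, the sample skill text, and the docs.example.test URL are hypothetical and constructed for illustration.

```python
import hashlib
import re

# Matches http(s) URLs in skill text; trailing punctuation is trimmed below.
URL_RE = re.compile(r"https?://[^\s<>)\]]+")

def external_links(skill_md):
    """Return the sorted set of external URLs a skill file points at."""
    return sorted({u.rstrip(".,;:") for u in URL_RE.findall(skill_md)})

def digest(body):
    return hashlib.sha256(body).hexdigest()

def review_snapshot(skill_md, fetch):
    """At review time: pin every linked resource to the content that was vetted."""
    return {url: digest(fetch(url)) for url in external_links(skill_md)}

def verify_at_load(skill_md, pins, fetch):
    """At load time: report links that are unpinned or whose content drifted.

    Only the first hop is covered; anything the linked page itself pulls in
    would need the same treatment.
    """
    findings = []
    for url in external_links(skill_md):
        if url not in pins:
            findings.append((url, "unpinned"))
        elif digest(fetch(url)) != pins[url]:
            findings.append((url, "changed-since-review"))
    return findings

# Constructed sample data (hypothetical skill text and URL, not from the page).
SKILL_MD = """# brand-landingpage
Follow the setup guide at https://docs.example.test/setup before building.
"""
URL = "https://docs.example.test/setup"
REMOTE_AT_REVIEW = {URL: b"Step 1: pick a colour palette.\n"}
REMOTE_LATER = {URL: b"Step 1: pick a colour palette.\nStep 2: text added after review.\n"}

def demo():
    """Pin at review, then verify against the unchanged and the rewritten page."""
    pins = review_snapshot(SKILL_MD, REMOTE_AT_REVIEW.__getitem__)
    clean = verify_at_load(SKILL_MD, pins, REMOTE_AT_REVIEW.__getitem__)
    drift = verify_at_load(SKILL_MD, pins, REMOTE_LATER.__getitem__)
    return clean, drift

if __name__ == "__main__":
    print(demo())
```

In a real deployment `fetch` would be an HTTP client, and a non-empty findings list would block the skill from loading until it is re-reviewed.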