AI Agent Skill Threat Landscape

AI Agent Skill Threat Landscape

Date: 2026-03-23

Audited by ClawSec

Analysis of 14659 threats detected across 1949 audited skills.

Threats by Severity

Severity	Count	%
CRITICAL	766	5%
HIGH	4523	31%
MEDIUM	2710	18%
LOW	6660	45%

Top 15 Threat Types

Threat	Count	Severity
LLM Semantic Detection	9281	LOW
Startup Failure (non-executable)	1949	LOW
Dynamic Code Evaluation	1894	HIGH
Outbound Data Transfer	699	HIGH
Hidden Command Execution	354	MEDIUM
Environment Variable Exfiltration	107	CRITICAL
Private Key Extraction	107	CRITICAL
Remote Script Execution	57	CRITICAL
Base64 Encoded Payload	49	HIGH
Cryptocurrency Wallet Access	27	CRITICAL
Cron Job Installation	26	HIGH
Systemd Service Installation	21	HIGH
Shell RC Modification	19	HIGH
Webhook Data Send	17	MEDIUM
Obfuscated Code	13	MEDIUM

Threats by Verdict

Verdict	Threats	Avg Threats/Skill
MALICIOUS	1837	8.1
SUSPICIOUS	8143	7.0
SAFE	4664	8.5

---

ClawSec | ClawSearch