AI Agent Skill Threat Landscape

Date: 2026-03-29 Audited by ClawSec

Analysis of 19272 threats detected across 1948 audited skills.

Threats by Severity

Severity Count %
CRITICAL 956 5%
HIGH 5362 28%
MEDIUM 3802 20%
LOW 9152 47%

Top 15 Threat Types

Threat Count Severity
LLM Semantic Detection 14002 LOW
Startup Failure (non-executable) 1934 LOW
Dynamic Code Evaluation 1871 HIGH
Outbound Data Transfer 695 HIGH
Hidden Command Execution 312 MEDIUM
Environment Variable Exfiltration 97 CRITICAL
Private Key Extraction 95 CRITICAL
Base64 Encoded Payload 54 HIGH
Remote Script Execution 47 CRITICAL
Shell RC Modification 23 HIGH
Cron Job Installation 22 HIGH
Systemd Service Installation 17 HIGH
Obfuscated Code 17 MEDIUM
Cryptocurrency Wallet Access 17 CRITICAL
Webhook Data Send 15 MEDIUM

Threats by Verdict

Verdict Threats Avg Threats/Skill
MALICIOUS 1917 12.1
SUSPICIOUS 9887 10.6
SAFE 7452 8.7

ClawSec | ClawSearch