AI Agent Skill Threat Landscape
| Date: 2026-04-14 |
Audited by ClawSec |
Analysis of 20857 threats detected across 2132 audited skills.
Threats by Severity
| Severity |
Count |
% |
| CRITICAL |
1149 |
6% |
| HIGH |
5770 |
28% |
| MEDIUM |
4360 |
21% |
| LOW |
9578 |
46% |
Top 15 Threat Types
| Threat |
Count |
Severity |
| LLM Semantic Detection |
15312 |
LOW |
| Dynamic Code Evaluation |
2064 |
HIGH |
| Startup Failure (non-executable) |
1819 |
LOW |
| Outbound Data Transfer |
767 |
HIGH |
| Hidden Command Execution |
330 |
MEDIUM |
| Private Key Extraction |
109 |
CRITICAL |
| Environment Variable Exfiltration |
107 |
CRITICAL |
| Base64 Encoded Payload |
62 |
HIGH |
| Remote Script Execution |
55 |
CRITICAL |
| Execution Crash |
30 |
MEDIUM |
| Shell RC Modification |
24 |
HIGH |
| Cron Job Installation |
22 |
HIGH |
| Obfuscated Code |
21 |
MEDIUM |
| Systemd Service Installation |
19 |
HIGH |
| Cryptocurrency Wallet Access |
19 |
CRITICAL |
Threats by Verdict
| Verdict |
Threats |
Avg Threats/Skill |
| MALICIOUS |
2024 |
12.0 |
| SUSPICIOUS |
10930 |
10.5 |
| SAFE |
7872 |
8.6 |
ClawSec | ClawSearch