AI Agent Skill Threat Landscape
| Date: 2026-04-25 |
Audited by ClawSec |
Analysis of 22141 threats detected across 2274 audited skills.
Threats by Severity
| Severity |
Count |
% |
| CRITICAL |
1348 |
6% |
| HIGH |
6065 |
27% |
| MEDIUM |
4767 |
22% |
| LOW |
9961 |
45% |
Top 15 Threat Types
| Threat |
Count |
Severity |
| LLM Semantic Detection |
16349 |
LOW |
| Dynamic Code Evaluation |
2239 |
HIGH |
| Startup Failure (non-executable) |
1820 |
LOW |
| Outbound Data Transfer |
803 |
HIGH |
| Hidden Command Execution |
329 |
MEDIUM |
| Private Key Extraction |
111 |
CRITICAL |
| Environment Variable Exfiltration |
109 |
CRITICAL |
| Base64 Encoded Payload |
65 |
HIGH |
| Remote Script Execution |
59 |
CRITICAL |
| Execution Crash |
35 |
MEDIUM |
| Shell RC Modification |
24 |
HIGH |
| Cron Job Installation |
23 |
HIGH |
| Obfuscated Code |
22 |
MEDIUM |
| Systemd Service Installation |
19 |
HIGH |
| Cryptocurrency Wallet Access |
19 |
CRITICAL |
Threats by Verdict
| Verdict |
Threats |
Avg Threats/Skill |
| MALICIOUS |
2083 |
11.8 |
| SUSPICIOUS |
11700 |
10.4 |
| SAFE |
8299 |
8.6 |
ClawSec | ClawSearch