OpenClaw AI was targeted by a surge of poisoned plugins designed to compromise its plugin hub, according to a threat analysis released this week by SlowMist.

In its report, SlowMist said attackers uploaded malicious “skills” that masqueraded as legitimate plugins, embedding harmful code capable of supply-chain poisoning. The campaign aimed to exploit trust in the plugin ecosystem, potentially exposing users and developers to data exfiltration or downstream compromise if the tainted plugins were installed.

The analysis indicates the malicious submissions leveraged naming similarities and functional descriptions to evade initial scrutiny, a tactic commonly used in software supply-chain attacks. SlowMist noted that plugin marketplaces are increasingly attractive targets as AI tools integrate third-party components at scale, expanding the blast radius of a single successful insertion.

Source: SlowMist. 

Disclaimer: Crypto Economy Flash News are based on verified public and official sources. Their purpose is to provide fast, factual updates about relevant events in the crypto and blockchain ecosystem.

This information does not constitute financial advice or investment recommendation. Readers are encouraged to verify all details through official project channels before making any related decisions.

---

Filed under: News - @ February 9, 2026 2:31 pm