17% of 3rd-Party Add-Ons for OpenClaw Used in Crypto Theft and macOS Malware

Bitdefender Labs reveals that 17% of OpenClaw AI skills analyzed in February 2026 are malicious. With over 160,000 stars on GitHub, OpenClaw is being exploited to steal crypto keys and install macOS malware. Discover how a single user linked to 199 fake skills is targeting wallets and corporate data.

A new open-source AI project called OpenClaw has taken the developer world by storm, racking up over 160,000 stars on GitHub. It is basically an AI toolbox that can manage your accounts and run tasks across different apps. However, as we know it, where there is a massive crowd, scammers are never far behind.

Researchers from Bitdefender Labs recently inspected this infrastructure and found something worrying. They discovered that roughly 17% of the ‘skills’- the small bits of code that give the AI its powers- found in the first week of February 2026 were actually malicious. For your information ...