Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystem 事件

Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystem arXiv:2605.28588v1 Announce Type: cross Abstract: We analyzed 3,984 AI agent skills from major marketplaces and found 76 confirmed malicious payloads, including credential theft, backdoor installation, and data exfiltration. 13.4% of all skills contain at least one critical-level security issue and at least 8 manually confirmed malicious skills remain publicly available on clawhub.ai as of the date of publication. Thi