SkillSieve: A Hierarchical Triage Framework for Detecting Malicious AI Agent Skills (Event)

PRODUCT_LAUNCH | 2026-05-27 | Impact: MEDIUM

arXiv:2604.06550v2 | Announce Type: replace-cross

Abstract: OpenClaw's ClawHub marketplace hosts tens of thousands of community-contributed agent skills (49,592 in our 2026-04-04 snapshot), and recent audits report that 13-26% contain security vulnerabilities. Regex scanners miss obfuscated payloads; formal static analyzers cannot read the natural-language SKILL.md instructions that hide prompt injection and socia