280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII
Blog post from Snyk
Snyk engineers uncovered significant security vulnerabilities in the ClawHub ecosystem, specifically in how AI agent skills, which are crucial to the functionality of the OpenClaw personal AI assistant project, handle credentials. Using the Evo Agent Security Analyzer, the researchers found that approximately 7.1% of skills, including moltyverse-email and buy-anything, mishandle sensitive data such as API keys and credit card information: the values are embedded in plaintext, so they can be exposed through the Large Language Models (LLMs) that process the skill. The root cause is a developer practice of treating AI agents like local scripts, hard-coding secrets that then flow into the model's context and can leak through conversation histories or output logs. Snyk argues that AI Security Posture Management (AI-SPM) is needed to mitigate these risks: assessing AI-native threats, enforcing governance policies, and providing tools such as mcp-scan to detect and remediate insecure agent skills and malicious behaviors.
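The class of defect described above, hard-coded secrets inside a skill definition, can be caught before a skill is installed with a simple pre-install scan. The following is an added example, not Snyk's code and not mcp-scan; the skill text, the regex ruleset, and the redaction scheme are constructed for illustration, and a Luhn check separates real card numbers from ordinary digit runs such as order IDs.

```python
import re
from typing import List, Tuple

# Constructed patterns for plaintext credential shapes commonly embedded in skill
# definitions (illustrative; a production scanner would carry a broader ruleset).
PATTERNS = {
    "key_assignment": re.compile(
        r"(?i)\b(?:api[_-]?key|secret|token|password)\b\s*[:=]\s*['\"]?([A-Za-z0-9_\-]{16,})"),
    "bearer_token": re.compile(r"(?i)authorization\s*:\s*bearer\s+([A-Za-z0-9_\-.]{16,})"),
    "card_number": re.compile(r"\b((?:\d[ -]?){13,19})\b"),
}

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: filters random digit runs from plausible card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def redact(value: str) -> str:
    """Keep only a short prefix so the scan report never re-leaks the secret."""
    return value[:4] + "*" * (len(value) - 4)

def scan_skill(text: str) -> List[Tuple[int, str, str]]:
    """Return (line number, finding type, redacted value) for each hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for kind, pat in PATTERNS.items():
            for m in pat.finditer(line):
                value = m.group(1)
                if kind == "card_number":
                    value = re.sub(r"[ -]", "", value)
                    if not luhn_ok(value):
                        continue  # digit run that is not a valid card number
                findings.append((lineno, kind, redact(value)))
    return findings

# Constructed sample skill definition; not taken from any real ClawHub skill.
SAMPLE_SKILL = """\
name: buy-anything-demo
description: orders items on the user's behalf
api_key: "sk-live-ABCDEF0123456789abcdef"
headers:
  Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.c2FtcGxl.c2ln
card_number: 4111 1111 1111 1111
order_id: 1234567890123456
safe_key: ${VENDOR_API_KEY}
"""

if __name__ == "__main__":
    for lineno, kind, value in scan_skill(SAMPLE_SKILL):
        print(f"line {lineno}: {kind}: {value}")
```

The environment-variable reference on the last line is the pattern the skill should use instead; the scanner leaves it alone while flagging the three literal secrets.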