I Built a Security Scanner Because 12% of an AI Agent Marketplace Was Malicious

Dev.to AI

In January 2026, security researchers discovered that 341 out of 2,857 skills on ClawHub - OpenClaw's public marketplace - were malicious. That's 12% of the entire registry, distributing keyloggers and credential stealers behind names like "solana-wallet-tracker."

This wasn't a theoretical risk. It was the ClawHavoc campaign, and it worked because nobody was scanning these skills before installing them. I built a scanner to fix that. Here's what I learned.

The Problem Is Bigger Than One Marketplace

ClawHavoc was just the beginning.