MMODELYST
Papers/Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystem
PAP

Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystem

May 27, 2026

arXiv
Abstract

We analyzed 3,984 AI agent skills from major marketplaces and found 76 confirmed malicious payloads, including credential theft, backdoor installation, and data exfiltration. 13.4% of all skills contain at least one critical-level security issue and at least 8 manually confirmed malicious skills remain publicly available on clawhub.ai as of the date of publication. This report documents our methodology, presents a threat taxonomy based on real-world samples, and details the attack patterns we observed. As skill marketplaces grow rapidly and AI agents gain access to sensitive credentials and systems, automated security analysis is no longer optional.

Select text to highlight · click a highlight to remove · saved in this browser only
Authors
Luca Beurer-Kellner, Aleksei Kudrinskii, Marco Milanta, Kristian Bonde Nielsen, Hemang Sarkar, Liran Tal
Your notes (browser-local)
saved
arXiv:2605.28588