Definition
Supply chain attack
An attack that compromises software or services upstream of the target organization, so the malicious payload is delivered through a trusted distribution channel. For AI agent skills, the supply chain attack vector is ClawHub: an attacker publishes a skill that appears legitimate and accumulates installs before the malicious payload is detected. The ClawHavoc campaign is the canonical example of an AI agent skill supply chain attack at scale.
Related terms
ClawHavoc
A coordinated supply chain attack campaign that planted 1,184 malicious skills across 12 publisher a…
ClawHub
The official marketplace for OpenClaw agent skills. Skills are published by third-party authors and …
Behavioral integrity
The degree to which a skill or AI system does what its documentation says it does and nothing else. …
Deep dive
Research brief
ClawHavoc explained: the supply chain attack that put 1,184 malicious skills on ClawHub
ClawHavoc placed over 1,000 malicious skills on the ClawHub marketplace in early 2026. Understanding the attack pattern is the first step to defending against the next campaign like it.