
23 ClawHub plugins squatting official scopes expose AI registry security gaps

Help Net Security Archived Jun 22, 2026 ✓ Full text saved

Help Net Security, June 22, 2026

Plugin registries for AI agents use npm-style scopes like @openclaw/ and @clawhub/ to signal who published a package. But on ClawHub, a registry whose plugins run with Claude, OpenClaw, and other agents, those official scopes weren’t reserved to their owners for every package already published.

In this Help Net Security video, Ax Sharma, Head of Research at Manifold Security, breaks down how 23 code-executing plugins ended up under ClawHub’s official @openclaw and @clawhub scopes while owned by unrelated accounts, why an official-looking scope is a supply chain risk even when the code isn’t malicious, and what the registry changed after the disclosure. He also looks at the wider pattern: as new AI tools, assets, and registries appear, security gaps appear right alongside them.