Bitdefender Labs found that 17% of the AI skills analyzed in OpenClaw, an open-source AI project with over 160,000 stars on GitHub, are malicious. These skills, which are essentially small code snippets that enhance the AI's functionality, are being used to steal cryptocurrency keys and install malware on macOS systems. Researchers identified a user linked to 199 fake skills targeting both individual wallets and corporate data. One skill, disguised as a legitimate trading tool, instructed users to download harmful external files. The investigation revealed that hackers are cloning popular tools and using similar names to deceive users. Many malicious skills connect to a specific IP address to download scripts that can compromise systems. While initially a concern for individual users, the issue has escalated within corporate environments, with hundreds of cases reported. The majority of malicious skills, about 54%, are crypto-related, with wallet trackers and tools for decentralized exchanges among the most common threats. In addition, social media automation tools and fake auto-updaters contribute significantly to the malware landscape. One prominent user, identified as sakaen736jih, was linked to numerous harmful scripts designed to steal private wallet keys, sometimes targeting files with the ".mykey" extension. On Macs, these scripts have even deployed the AMOS Stealer virus, which can extract sensitive information like credentials and browser data. To mitigate these risks, Bitdefender advises treating every new AI skill as a full software installation. They've also introduced a free tool, the Bitdefender AI Skills Checker, to help users evaluate the safety of skills before installation.