23 ClawHub Plugins Exploit Scope Squatting Vulnerability

A security vulnerability in ClawHub's plugin registry allowed unauthorized third-party plugins to publish under official organizational scopes, specifically @openclaw and @clawhub. Researchers identified 23 such plugins that masquerade as legitimate tools from OpenClaw and ClawHub, potentially compromising the integrity of AI agent applications that load them. The issue stems from the registry not enforcing scope ownership: because publishing under a scope did not require a verified relationship with the organization that owns it, these plugins inherited first-party credibility they were never granted. The incident highlights significant supply-chain weaknesses in the AI agent ecosystem and affects users who rely on these plugins for functionality. No specific CVEs were reported, but the risk of exploitation is high because the plugins execute code in the agent's context. The situation is currently under investigation by security researchers.

Key Points:

- 23 unauthorized plugins were found under official ClawHub scopes.
- The vulnerability stems from inadequate enforcement of scope ownership.
- Users of ClawHub and OpenClaw may be at risk from these deceptive plugins.
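The defect described above is a missing authorization check at publish time: the registry accepted a package name under @openclaw or @clawhub without confirming that the publisher belonged to the organization owning that scope. The following is an added example, not ClawHub's or OpenClaw's code, of what that check looks like on the registry side, together with a retroactive audit that walks an existing catalog and flags every scoped entry that would be refused under the corrected policy. The scope-to-organization table, the publisher accounts, the plugin names and the `executes_code` flag are all constructed for the example; only the two scope names come from the article.

```python
"""Scope-ownership enforcement for a package registry (added example).

Two pieces:
  * authorize_publish(): the check a registry should run before accepting a
    scoped package name (the check the article says was missing).
  * audit_catalog(): a retroactive pass over an already-populated catalog,
    the kind of review that surfaced the 23 squatted plugins.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple

# Scope -> organisation that owns it. The two scopes are from the article;
# the org identifiers are assumptions for this example.
SCOPE_OWNERS: Dict[str, str] = {
    "@openclaw": "org:openclaw",
    "@clawhub": "org:clawhub",
}


@dataclass(frozen=True)
class Publisher:
    name: str
    verified_orgs: FrozenSet[str]  # org memberships the registry itself has verified


def parse_scope(package_name: str) -> Optional[str]:
    """Return the '@scope' prefix of a scoped package name, or None if unscoped.

    Scopes are compared case-insensitively so '@OpenClaw/x' cannot slip past a
    table keyed on '@openclaw'.
    """
    if package_name.startswith("@") and "/" in package_name:
        scope, _, rest = package_name.partition("/")
        if len(scope) > 1 and rest:
            return scope.lower()
    return None


def authorize_publish(package_name: str, publisher: Publisher,
                      scope_owners: Dict[str, str] = SCOPE_OWNERS) -> Tuple[bool, str]:
    """Decide whether `publisher` may publish `package_name`.

    Policy: unscoped names are outside the ownership model; a scoped name is
    accepted only when the scope is registered to an organisation and the
    publisher is a verified member of it. An unregistered scope is refused
    rather than handed to the first claimant, so a scope cannot be squatted
    before its owner registers it.
    """
    scope = parse_scope(package_name)
    if scope is None:
        return True, "unscoped package: no ownership check applies"
    owner = scope_owners.get(scope)
    if owner is None:
        return False, f"denied: scope {scope} is not registered to any organisation"
    if owner in publisher.verified_orgs:
        return True, f"{publisher.name} is a verified member of {owner}"
    return False, f"denied: {publisher.name} is not a member of {owner}, which owns {scope}"


def audit_catalog(catalog: List[dict], publishers: Dict[str, Publisher],
                  scope_owners: Dict[str, str] = SCOPE_OWNERS) -> List[dict]:
    """Return catalog entries that the corrected policy would have refused.

    Code-executing plugins are listed first because they are the ones that can
    act inside an agent's context.
    """
    findings = []
    for entry in catalog:
        pub = publishers[entry["publisher"]]
        ok, reason = authorize_publish(entry["name"], pub, scope_owners)
        if not ok:
            findings.append({
                "name": entry["name"],
                "publisher": pub.name,
                "executes_code": bool(entry.get("executes_code", False)),
                "reason": reason,
            })
    findings.sort(key=lambda f: (not f["executes_code"], f["name"]))
    return findings


# Constructed sample data: publisher accounts and a small catalog.
PUBLISHERS: Dict[str, Publisher] = {
    "openclaw-release-bot": Publisher("openclaw-release-bot", frozenset({"org:openclaw"})),
    "clawhub-maintainer": Publisher("clawhub-maintainer", frozenset({"org:clawhub"})),
    "random-dev-42": Publisher("random-dev-42", frozenset()),
}
CATALOG: List[dict] = [
    {"name": "@openclaw/browser-tools", "publisher": "openclaw-release-bot", "executes_code": True},
    {"name": "@openclaw/browser-tool", "publisher": "random-dev-42", "executes_code": True},
    {"name": "@clawhub/registry-cli", "publisher": "clawhub-maintainer", "executes_code": False},
    {"name": "@clawhub/registry-helper", "publisher": "random-dev-42", "executes_code": False},
    {"name": "weather-plugin", "publisher": "random-dev-42", "executes_code": False},
]

if __name__ == "__main__":
    for finding in audit_catalog(CATALOG, PUBLISHERS):
        flag = "CODE-EXEC" if finding["executes_code"] else "no-exec  "
        print(f"[{flag}] {finding['name']:28} {finding['reason']}")
```

The audit is the cheap part; the check that matters is `authorize_publish` sitting in front of the publish endpoint, backed by org memberships the registry has actually verified rather than by claims in the package manifest. Refusing unregistered scopes outright is a deliberate choice in this example: a first-come policy would turn every not-yet-registered organization name into a squatting target.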

ThreatCluster AI

Timeline

- 2026-06-22: Vulnerability in ClawHub registry discovered. Researchers found 23 plugins published under official scopes without authorization, exposing a significant supply-chain risk. (Source: Gbhackers)
- 2026-06-22: ClawHub plugins identified as impersonating trusted tools. The plugins used trusted namespace prefixes to appear as first-party tools, raising concerns about their legitimacy. (Source: Cybersecuritynews)
- 2026-06-22: Manifold Security conducts catalog review. A review by Manifold Security confirmed the presence of 23 code-executing plugins under the @openclaw and @clawhub scopes. (Source: Feeds2.Feedburner)