The number of skills approaches 750,000, and the rapid expansion of the "Lobster" ecosystem exposes security risks.

MaticHoleFiller · 2026-03-21T10:16:28+00:00

Qi'anxin released the "OpenClaw Ecosystem Threat Analysis Report," which indicates that the skill modules of this intelligent agent are expanding rapidly, with an average of 21,000 new modules added daily, leading to 20,471 potential security vulnerabilities. The report emphasizes the need to strengthen security management to prevent information leaks and system compromises. Especially in regions such as Beijing and Shanghai, which have become high-risk areas. At the same time, Qi'anxin launched the SAFESKILL platform to enhance the security monitoring of Skills.

MaticHoleFiller

2026-03-21 10:16:28

Abstract generation in progress

On March 16, Qihoo 360 released China’s first “OpenClaw Ecosystem Threat Analysis Report,” addressing new security challenges behind the explosive growth of AI intelligent agents OpenClaw (industry nickname “Lobster”). The report shows that the “Skills” modules within the OpenClaw ecosystem are experiencing rapid, explosive growth, with the total number of Skills on the four major global platforms approaching 750,000, and an increase of 21,000 new Skills daily. The daily growth rate remains high at 2% to 3%. If this trend continues, the total number of Skills could surpass 8 million within a year. Such rapid ecosystem expansion, without effective security management, could lead to security risks spiraling out of control in a short period.

Regarding vulnerability exposure, the report indicates that 20,471 OpenClaw instances worldwide may have security vulnerabilities, covering 13,643 IP addresses. Nearly 9% of exposed OpenClaw assets on the internet are at risk of being exploited. If attackers leverage these vulnerabilities, it could lead to serious consequences such as information leaks and system control.

The report also reveals, for the first time, a geographic distribution map of the OpenClaw ecosystem. Globally, the United States and China rank first and second. Domestically, economically developed provinces and cities such as Beijing, Shanghai, Guangdong, Hong Kong, and Zhejiang, with strong digital economies and active innovation environments, have become core hubs of the domestic “shrimp farming” trend.

The report provides an in-depth analysis of Skills security risks. Currently, due to the popularity of OpenClaw, the Skills supply chain is active in poisoning attacks: malicious Skills are injected through prompt manipulation, remote code execution, data theft, social engineering, and other methods, posing threats to users.

Qihoo 360 Chairman Qi Xiangdong stated that the OpenClaw (“Lobster”) intelligent agent is rapidly reshaping productivity. However, frequent security incidents such as terminal control loss and data leaks reveal a common dilemma among government and enterprise organizations: they are hesitant to fully adopt AI due to security concerns.

It is reported that Qihoo 360 has launched China’s first open Skill security assessment platform—SAFESKILL. This platform supports multi-source real-time monitoring, enabling real-time surveillance of major global communities and markets. Through deep scanning and multi-dimensional risk identification, it promotes the stable operation of intelligent agents in production environments.

Source: Beijing Daily Client

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.