23 ClawHub plugins squatting official scopes expose AI registry security gaps

wpnews.pro

cd /news/ai-safety/23-clawhub-plugins-squatting-officia… · home › topics › ai-safety › article

[ARTICLE · art-36276] src=helpnetsecurity.com ↗ pub=2026-06-22T08:00Z topic=ai-safety verified=true sentiment=↓ negative

23 ClawHub plugins squatting official scopes expose AI registry security gaps

Twenty-three code-executing plugins on ClawHub, an AI agent registry, were found squatting under official @openclaw and @clawhub scopes because those scopes were not reserved for their owners, exposing security gaps in AI plugin registries. Ax Sharma, Head of Research at Manifold Security, detailed the findings in a Help Net Security video.

read1 min views1 publishedJun 22, 2026

Plugin registries for AI agents use npm-style scopes like @openclaw/ and @clawhub/ to signal who published a package. But on ClawHub, a registry whose plugins run with Claude, OpenClaw, and other agents, those official scopes weren’t reserved to their owners for every package already published. In this Help Net Security video, Ax Sharma, Head of Research at Manifold Security, breaks down how 23 code-executing plugins ended up under ClawHub’s official @openclaw and @clawhub scopes while … More

The post 23 ClawHub plugins squatting official scopes expose AI registry security gaps appeared first on Help Net Security.

source & further reading

helpnetsecurity.com — original article Who pays when you gate cyber-capable AI models? Agent Beacon: Open-source telemetry layer for AI agents Hundreds of AI-powered iOS apps found exposing credentials

~/api · this article 200

$curl api.wpnews.pro/v1/news/23-clawhub-plugins-squat…

Read original on helpnetsecurity.com → www.helpnetsecurity.com/2026/06/22/clawhub-code-…

mentioned entities

ClawHub

OpenClaw

Claude

Ax Sharma

Manifold Security

Help Net Security

metadata

slug23-clawhub-plugins-squatting-official-scopes-expose-ai-registry-security-gaps

topic#ai-safety

secondary2 topics

sentimentnegative

canonicalhelpnetsecurity.com

navigation

← prevAn Inconvenient Truth About AI

next →Donate your Claude Code traces t…

── more in #ai-safety 4 stories · sorted by recency

letsdatascience.com · 22 Jun · #ai-safety

Asymptote Labs launches Agent Beacon telemetry layer

github.com · 22 Jun · #ai-safety

Headroom – The context compression layer for AI agents

narracomm.com · 22 Jun · #ai-safety

Archal.AI – Eval For Autonomous Software

signal-memo.com · 22 Jun · #ai-safety

Memo: The Compensation Boundary

── more on @clawhub 3 stories trending now

wpnews · 21 Jun · #large-language-models

Anthropic faces a class action lawsuit accusing it of selling Claude Max subscribers far less than advertised

wpnews · 21 Jun · #artificial-intelligence

Plotting AI model release cadence: two labs are accelerating, three aren't

wpnews · 21 Jun · #ai-safety

Author Argues for Slower AI Despite Cancer Benefits

sponsored brought to you by zahid.host 4,200+ EU-deployed projects

reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main

→ Live at https://your-agent.zahid.host ✓

Get free account → Pricing

from €0/mo · no card required