This study addresses critical security risks in mainstream AI agent skill marketplaces, where malicious payloads and severe vulnerabilities endanger user credentials and system integrity. Conducting the first large-scale security audit of 3,984 skills across three dominant platforms, the authors combine automated static analysis with manual dynamic validation to establish the first threat taxonomy and attack pattern framework tailored to the AI skill ecosystem. Their investigation identifies 76 malicious payloads and reveals that 13.4% of examined skills contain high-severity vulnerabilities. Notably, at least eight malicious skills remained publicly accessible at the time of publication, underscoring significant security gaps and insufficient oversight within the current AI agent marketplace landscape.

We analyzed 3,984 AI agent skills from major marketplaces and found 76 confirmed malicious payloads, including credential theft, backdoor installation, and data exfiltration. 13.4% of all skills contain at least one critical-level security issue and at least 8 manually confirmed malicious skills remain publicly available on clawhub.ai as of the date of publication. This report documents our methodology, presents a threat taxonomy based on real-world samples, and details the attack patterns we observed. As skill marketplaces grow rapidly and AI agents gain access to sensitive credentials and systems, automated security analysis is no longer optional.