Deep dives into real-world Agent Skill attacks and defenses.
19 typosquatted npm packages targeting Claude Code, Cursor, and Windsurf. Injects malicious MCP configs, steals credentials, and self-propagates through Git repos.
How a ClawHub skill posing as a decentralized API marketplace tricked AI agents into storing private keys in plaintext and purchasing scam tokens.
Deep dive into how a single threat actor weaponized ClawHub to distribute Atomic macOS Stealer to 7,000+ victims in 3 days.
Reproducing Invariant Labs' proof-of-concept: how a malicious MCP tool description silently exfiltrates credentials from Claude Desktop and Cursor.