OpenClaw Weekly #1 — Malicious Skills, Detect Goes Open Source, and Three Releases

This is the first issue of OpenClaw Weekly, a roundup of the most important news, releases, and community discussions from across the OpenClaw ecosystem. Let's get into it.

The biggest story this week is a security research finding that 341 ClawHub skills were distributing macOS malware via ClickFix instructions and stealing data from OpenClaw users. The report spread rapidly across security communities on r/InfoSecNews, r/blueteamsec, and r/NowInCyber.

This is a significant reminder that ClawHub skills are community-submitted and not all are vetted for security. If you're running ClawHub skills in production, we strongly recommend auditing every installed skill. Our guide on how to audit ClawHub skills for malware covers the patterns to look for: outbound data calls, filesystem access beyond scope, shell command injection, and credential harvesting.

A community member also shared a security plugin they built for OpenClaw, and another posted their security setup for community review. If you're looking to harden your deployment, check out our production security checklist.

OpenClaw's detect and telemetry tooling was open-sourced this week, generating discussion on Hacker News and across Reddit on r/sysadmin, r/openclaw, and r/Network. This gives operators better visibility into what their OpenClaw instances are doing — useful for both security monitoring and performance tuning.

Related: a GitHub discussion on prompt injection defense for tool results is worth reading if you're building custom skills that handle untrusted input. Our prompt injection defense guide covers the key mitigation strategies.

The OpenClaw project shipped three releases in the span of four days:

• **v2026.1.29** (January 30)
• **v2026.1.30** (January 31)
• **v2026.2.1** (February 2)

Check each release page for full changelogs. If you're upgrading, our Docker installation guide covers version pinning best practices.

Model Leaderboard

A community member built a leaderboard for comparing LLMs with OpenClaw. Useful if you're evaluating models for cost vs. quality tradeoffs. For more on model selection, see our Claude Opus vs Sonnet vs Haiku cost comparison and OpenRouter model routing guide. There was also a thread on the best CPU-only models for OpenClaw tool use.

Windows: WSL2 vs. Native

A detailed GitHub discussion compared WSL2 vs. native Windows for running OpenClaw on Windows 11, covering real-world experience, gotchas, and recommended approaches. Worth reading if you're on Windows. Our WSL2 setup guide covers the full installation process.

AI-Ready Issues Standard

The community proposed AI-Ready Issues, a standard for AI-assisted open source contribution. The discussion explores how AI agents can participate in the development process with structured issue formats.

Enterprise Adoption

Enterprise adoption continues to be a hot topic. Discussions this week included MCP integration with reranking, enterprise environment setups, and ClawRAG as an external knowledge base. If you're scaling OpenClaw across teams, our enterprise guides cover multi-agent routing, Ansible deployment, and team onboarding.

Other Notable Discussions

• Telegram voice transcription issues after config changes — Deepgram integration troubleshooting
• Grok as an AI model for OpenClaw — community exploring xAI integration
• Open-sourced Xteink x4 OpenClaw Tamagotchi — a creative hardware project
• Installing skills on Windows — common setup troubleshooting

• Agent Wars 2026: OpenClaw vs. Memu vs. Nanobot — a comparison of local AI agent platforms and their tradeoffs
• What OpenClaw Teaches Us About AI Safety — reflections on the security implications of the growing ecosystem
• The Emergent Persona: AI Agents on Social Platforms — an ontological analysis of how AI agents present themselves online

Thanks for reading the first issue of OpenClaw Weekly. Subscribe on our newsletter page to get future issues delivered to your inbox. Catch up on everything else on our news feed.