Snyk ToxicSkills Research Reveals 36% of AI Agent Skills Contain Security Flaws

Snyk's ToxicSkills research reveals that 36% of AI agent skills contain security vulnerabilities. The study identified 1,467 vulnerable skills as well as active malicious payloads. These vulnerabilities specifically target users of OpenClaw, Claude Code, and Cursor. The flaws include prompt injections in the supply chain of AI agent skills.