Five malicious skill packages on the ClawHub marketplace for the OpenClaw AI agent platform deployed macOS infostealers that evaded automated security scanners using file-padding techniques, remained active for over three months, and continued receiving C2 deliveries after public disclosure. This is an active supply chain compromise through a trusted distribution channel, one that most enterprise security programs have no controls for, and it affects any organization using OpenClaw to automate business workflows on macOS.