GhostClaw Exploits GitHub And AI Workflows

Jamf Threat Labs and JFrog researchers this month detailed GhostClaw, a multi-stage macOS infostealer that now uses GitHub repositories and AI-assisted agent workflows to harvest credentials and deploy secondary payloads. They identified at least eight malicious repositories that build trust with benign code and then introduce install scripts or SKILL.md manifests enabling automated or copy-paste infection. Defenders should treat copied installs and AI-suggested shell steps as untrusted.
Key Points
- 1Delivers macOS GhostClaw via GitHub repos and AI 'skill' manifests, triggering install.sh execution
- 2Exploits trust by seeding benign code and using stars before silently adding malicious installers
- 3Requires defenders to block unknown scripts, monitor curl -k, and distrust AI-suggested shell commands
Scoring Rationale
High impact due to novel AI-agent delivery and credible vendor research; scope limited mainly to macOS developer workflows.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems

