Recently, the National Computer Virus Emergency Response Center, in collaboration with the National Engineering Laboratory for Computer Virus Prevention and Control Technology, has uncovered numerous counterfeit skill packages harboring malicious code within the skill repository associated with the 'Longxia' (OpenClaw) agent system. Upon installation in a user's agent system, these deceptive packages covertly download and install Trojan viruses in the background whenever skills are activated. This stealthy operation results in the theft of private information, leading to sensitive data breaches and potentially causing significant financial losses. To safeguard against such threats, it is advisable for users to conduct thorough security audits on skill packages prior to installation. Additionally, isolating the agent system from production environments and utilizing the National Computer Virus Collaborative Analysis Platform to scrutinize suspicious files are recommended preventive measures.