Cyber: Openclaw Integrates Virustotal Scanning To Detect Malicious Clawhub...

OpenClaw (formerly Moltbot and Clawdbot) has announced that it's partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem.

"All skills published to ClawHub are now scanned using VirusTotal's threat intelligence, including their new Code Insight capability," OpenClaw's founder Peter Steinberger, along with Jamieson O'Reilly and Bernardo Quintero said. "This provides an additional layer of security for the OpenClaw community."

The process essentially entails creating a unique SHA-256 hash for every skill and cross checking it against VirusTotal's database for a match. If it's not found, the skill bundle is uploaded to the malware scanning tool for further analysis using VirusTotal Code Insight.

Skills that have a "benign" Code Insight verdict are automatically approved by ClawHub, while those marked suspicious are flagged with a warning. Any skill that's deemed malicious is blocked from download. OpenClaw also said all active skills are re-scanned on a daily basis to detect scenarios where a previously clean skill becomes malicious.

That said, OpenClaw maintainers also cautioned that VirusTotal scanning is "not a silver bullet" and that there is a possibility that some malicious skills that use a cleverly concealed prompt injection payload may slip through the cracks.

In addition to the VirusTotal partnership, the platform is expected to publish a comprehensive threat model, public security roadmap, formal security reporting process, as well as details about the security audit of its entire codebase.

The development comes in the aftermath of reports that found hundreds of malicious skills on ClawHub, prompting OpenClaw to add a reporting option that allows signed-in users to flag a suspicious skill. Multiple analyses have uncovered that these skills masquerade as legitimate tools, but, under the hood, they harbor malicious functionality to exfiltrate data, inject backdoors for remote access, or install stealer malware.

"AI agents with system access can become covert data-leak channels that bypass traditional data loss prevention, proxies, and endpoint monitoring," Cisco noted last week. "Second, models can also become an execution orchestrator, wherein the prompt itself becomes the instruction and is difficult to catch using traditional security tooling."

The recent viral popularity of OpenClaw, the open-source agentic

Source: The Hacker News