VirusTotal Code Insight scanning for OpenClaw ClawHub skills
Security Tool/Service
Summary
Hide ▲
Show ▼
OpenClaw has added VirusTotal Code Insight scanning for ClawHub skill uploads, changing how new skills are vetted before publication. Benign bundles are approved automatically, suspicious ones are flagged with warnings, and malicious downloads are blocked. The marketplace also rescans active skills daily, which helps catch bundles that turn bad after initial approval.
Related Happenings
OpenClaw hardening guidance (CNCERT)
Advisory/Mitigation
First: 14.03.2026 18:17
Last: 14.03.2026 18:17
Sources 1
About this happening:
China's **CNCERT** issued mitigation guidance for **OpenClaw**, warning that weak defaults and privileged access could let attackers seize endpoints, leak data, or trigger destruc...
OpenClaw hardening guidance (CNCERT)
Advisory/MitigationAbout this happening: China's **CNCERT** issued mitigation guidance for **OpenClaw**, warning that weak defaults and privileged access could let attackers seize endpoints, leak data, or trigger destruc...
ClawHub malicious skills deliver Atomic Stealer
Malware Activity
First: 28.02.2026 19:21
Last: 28.02.2026 19:21
Sources 1
About this happening:
Researchers found **malicious skills** on **ClawHub** delivering a **new Atomic Stealer variant** to **macOS** users, turning the OpenClaw skills marketplace into a malware delive...
ClawHub malicious skills deliver Atomic Stealer
Malware ActivityAbout this happening: Researchers found **malicious skills** on **ClawHub** delivering a **new Atomic Stealer variant** to **macOS** users, turning the OpenClaw skills marketplace into a malware delive...
Bob P2P agent-to-agent crypto scam campaign
Campaign
First: 23.02.2026 14:30
Last: 23.02.2026 14:30
Sources 1
About this happening:
The **Bob P2P** operation is an **ongoing agent-to-agent crypto scam** that can expose **Solana wallet private keys** and trigger **unauthorized transactions** and **payment redir...
Bob P2P agent-to-agent crypto scam campaign
CampaignAbout this happening: The **Bob P2P** operation is an **ongoing agent-to-agent crypto scam** that can expose **Solana wallet private keys** and trigger **unauthorized transactions** and **payment redir...
OpenClaw security patch release for CVE-2026-26322
Security Patch Release
First: 19.02.2026 12:00
Last: 19.02.2026 12:00
Sources 1
About this happening:
**OpenClaw** released a **patch for six vulnerabilities** in its **agentic AI assistant**, addressing **SSRF**, **missing authentication**, and **path traversal** flaws that could...
OpenClaw security patch release for CVE-2026-26322
Security Patch ReleaseAbout this happening: **OpenClaw** released a **patch for six vulnerabilities** in its **agentic AI assistant**, addressing **SSRF**, **missing authentication**, and **path traversal** flaws that could...
ZeroDayRAT Telegram spyware seller ecosystem with direct developer support
Threat Actor Meta
First: 10.02.2026 23:37
Last: 10.02.2026 23:37
Sources 1
About this happening:
**ZeroDayRAT** is being sold as a **Telegram-based spyware service** with direct access to the developer through dedicated channels for **sales**, **customer support**, and **regu...
ZeroDayRAT Telegram spyware seller ecosystem with direct developer support
Threat Actor MetaAbout this happening: **ZeroDayRAT** is being sold as a **Telegram-based spyware service** with direct access to the developer through dedicated channels for **sales**, **customer support**, and **regu...
Timeline
-
08.02.2026 09:32 2 articles · 3mo ago
OpenClaw adds VirusTotal scanning for ClawHub skills
Mitigation Patch UpdateOpenClaw added Google-owned VirusTotal scanning to ClawHub, hashing each uploaded skill with SHA-256 and checking it against VirusTotal's database before using VirusTotal Code Insight for deeper analysis; skills judged benign are auto-approved, suspicious skills get a warning, and malicious downloads are blocked, while active skills are rescanned daily to catch bundles that turn malicious after approval. OpenClaw also cautioned that the scanning is not a silver bullet and may miss cleverly concealed prompt injection payloads.
Show sources
- OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills — thehackernews.com — 08.02.2026 09:32
- OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills — thehackernews.com — 08.02.2026 09:32