OpenClaw Teams With VirusTotal To Scan Skills

OpenClaw, an open-source autonomous agent framework, has partnered with Google's VirusTotal after discovery of malicious code in its ClawHub skills marketplace. A Koi audit found 341 malicious skills among 2,857 entries—335 tied to a single supply-chain attack—prompting OpenClaw to adopt VirusTotal scanning and CodeInsight LLM analysis. The project warns scans won't catch language-based or prompt-injection attacks and urges segmentation.