OpenClaw has partnered with VirusTotal to scan every skill uploaded to the ClawHub marketplace using SHA-256 hashing and VirusTotal Code Insight, automatically approving benign skills, flagging suspicious ones, and blocking malicious downloads while re-scanning active skills daily. Researchers and vendors warn the measure is not a silver bullet amid widespread misconfigurations, exposed credentials, prompt-injection attacks, and other vulnerabilities across OpenClaw and related services. #OpenClaw #VirusTotal
Keypoints
- OpenClaw now uses VirusTotal to hash and scan ClawHub skills, applying Code Insight for deeper analysis.
- Skills with benign verdicts are auto-approved, suspicious ones are flagged, and malicious skills are blocked from download.
- Daily re-scanning is implemented to catch skills that become malicious after initial approval.
- Numerous design flaws and misconfigurations—cleartext credentials, open gateway bindings, and exposed Supabase data—have left many instances vulnerable.
- Prompt injection, indirect payloads, and widespread republishing of malicious skills create significant data-exfiltration and remote-access risks for users and enterprises.
Read More: https://thehackernews.com/2026/02/openclaw-integrates-virustotal-scanning.html