AI Brief%22%2F%3E%3Ccircle%20cx%3D%22760%22%20cy%3D%22180%22%20r%3D%22260%22%20fill%3D%22%23f0b84a%22%20opacity%3D%22.24%22%2F%3E%3Ccircle%20cx%3D%22110%22%20cy%3D%221040%22%20r%3D%22310%22%20fill%3D%22%23f0b84a%22%20opacity%3D%22.16%22%2F%3E%3C%2Fsvg%3E)
OpenClaw releases a security dataset for agent skills
ClawHub Security Signals packages multi-scanner results across a large public agent-skill catalog, giving researchers a dataset for studying risky skills and disagreements between security tools.
Read more
OpenClaw released ClawHub Security Signals, a dataset and accompanying paper built from multiple security scanners applied to a snapshot of the public ClawHub agent-skill catalog. The project is designed to help researchers study how VirusTotal, static analysis, and semantic-risk tools disagree when evaluating skills that can extend an agent's capabilities. The authors stress that its labels are silver-standard automated signals rather than verified judgments: a suspicious result means a skill deserves review, not that it is malicious. The release also redacts secrets and excludes private artifacts, while warning that automated sanitization is imperfect. This is a useful security artifact because agent skills combine instructions, code, permissions, and external services in ways that traditional package scanning does not fully capture.
Key details: June 1, 2026 snapshot, Multi-scanner dataset, Agent-skill security, Silver-standard labels, VirusTotal and static-analysis signals, Open dataset.
Continue swiping for more AI Brief stories.