The Hacker News : OpenClaw (formerly Moltbot and Clawdbot) has announced that it’s partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem.

« All skills published to ClawHub are now scanned using VirusTotal’s threat intelligence, including their new Code Insight capability, » OpenClaw’s founder Peter Steinberger, along with Jamieson O’Reilly and Bernardo Quintero said. « This provides an additional layer of security for the OpenClaw community. »

The process essentially entails creating a unique SHA-256 hash for every skill and cross checking it against VirusTotal’s database for a match. If it’s not found, the skill bundle is uploaded to the malware scanning tool for further analysis using VirusTotal Code Insight.

Skills that have a « benign » Code Insight verdict are automatically approved by ClawHub, while those marked suspicious are flagged with a warning. Any skill that’s deemed malicious is blocked from download. OpenClaw also said all active skills are re-scanned on a daily basis to detect scenarios where a previously clean skill becomes malicious.