Openclaw AI encounters security vulnerability, users could be attacked by malicious "skills"
A Certik report highlights security vulnerabilities in Openclaw, particularly in its "skill scanning" mechanism, which inadequately protects users from harmful third-party extensions. The review reveals limitations in Clawhub's vetting process and warns about the risks of installing skills that haven't been fully screened. Recommendations include default runtime isolation for third-party skills and user caution regarding seemingly benign applications.
TapChiBitcoin·03-18 09:09
