Lucene search
K

4 matches found

Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.26 views

Runtime Skill Audit: Targeted Runtime Probing for Agent Skill Security

Agent skills let LLM agents reuse instructions, resources, tools, and workflows, but they also create a new place for malicious behavior to hide. A skill may look benign in its documentation or code while becoming harmful only when it is invoked with particular user requests, local assets,...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/30 12:0 a.m.28 views

Benchmarking Security Risk Detection and Verification in Open Agentic Skill Ecosystems

Open agent platforms allow community contributors to publish reusable skills that agents can invoke at runtime. This extensibility also creates a supply-chain risk: malicious contributors can hide harmful behavior inside skills that appear benign under superficial inspection. However, existing...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/02 5:49 p.m.10 views

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks. ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/02/26 9:3 a.m.7 views

ALERT: Malicious Amazon Alexa Skills Can Easily Bypass Vetting Process

Researchers have uncovered gaps in Amazon's skill vetting process for the Alexa voice assistant ecosystem that could allow a malicious actor to publish a deceptive skill under any arbitrary developer name and even make backend code changes after approval to trick users into giving up sensitive...

6AI score
Exploits0
Rows per page
Query Builder