Lucene search
K

341 matches found

Packet Storm News
Packet Storm News
added 2026/05/27 12:0 a.m.12 views

Technical Report: Exploring the Emerging Threats of the Agent Skill Ecosystem

We analyzed 3,984 AI agent skills from major marketplaces and found 76 confirmed malicious payloads, including credential theft, backdoor installation, and data exfiltration. 13.4% of all skills contain at least one critical-level security issue and at least 8 manually confirmed malicious skills...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.16 views

Security of OpenClaw Agents: Fundamentals, Attacks, and Countermeasures

The rapid evolution of large language model LLM-driven autonomous agents has given rise to OpenClaw, a new class of open-source agent frameworks that operate as continuously running, skill-augmented systems with persistent memory, multi-channel interaction, and high degrees of autonomy. Such...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 8:20 a.m.11 views

Malicious code in @amswf/huoke (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ec868ff3c73d920bd9c3b66a0e725f2eaf427b83ade2ad0fae284be0386eff4 On npm install, this package's postinstall runs node bin/huoke.js install-skill, which enumerates /home/ for every system user, finds each user's...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/21 8:20 a.m.9 views

MAL-2026-4361 Malicious code in @amswf/huoke (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ec868ff3c73d920bd9c3b66a0e725f2eaf427b83ade2ad0fae284be0386eff4 On npm install, this package's postinstall runs node bin/huoke.js install-skill, which enumerates /home/ for every system user, finds each user's...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 4:39 a.m.14 views

Malicious code in @zhengshuo888/huoke (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f352f11f7811b28966799c9359f99dbbe9829240066504be17c100981dd45ab On npm install, the package's postinstall hook runs node bin/huoke.js install-skill, which uses execSync to invoke curl -fsSL against...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/21 4:39 a.m.8 views

MAL-2026-4472 Malicious code in @zhengshuo888/huoke (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f352f11f7811b28966799c9359f99dbbe9829240066504be17c100981dd45ab On npm install, the package's postinstall hook runs node bin/huoke.js install-skill, which uses execSync to invoke curl -fsSL against...

5.8AI score
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.8 views

Behavioral Integrity Verification for AI Agent Skills

Agent skills extend LLM agents with privileged third-party capabilities such as filesystem access, credentials, network calls, and shell execution. Existing safety work catches malicious prompts and risky runtime actions, but the skill artifact itself goes unverified. We formalize this as the...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.9 views

SkillSafetyBench: Evaluating Agent Safety under Skill-Facing Attack Surfaces

Reusable skills are becoming a common interface for extending large language model agents, packaging procedural guidance with access to files, tools, memory, and execution environments. However, this modularity introduces attack surfaces that are largely missed by existing safety evaluations: eve...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.10 views

Proteus: A Self-Evolving Red Team for Agent Skill Ecosystems

Agent skills extend LLM agents with reusable instructions, tool interfaces, and executable code, and users increasingly install third-party skills from marketplaces, repositories, and community channels. Because a skill exposes both executable behavior and context-setting documentation, its...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/11 8:27 p.m.8 views

CVE-2026-8235

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

5.5CVSS5.7AI score0.01387EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.78 views

Under the Hood of SKILL.Md: Semantic Supply-Chain Attacks on AI Agent Skill Registry

Autonomous AI agents increasingly extend their capabilities through Agent Skills: modular filesystem packages whose SKILL.md files describe when and how agents should use them. While this design enables scalable, on-demand capability expansion, it also introduces a semantic supply-chain risk in...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.7 views

LITMUS: Benchmarking Behavioral Jailbreaks of LLM Agents in Real OS Environments

The rapid proliferation of LLM-based autonomous agents in real operating system environments introduces a new category of safety risk beyond content safety: behavior jailbreak, where an adversary induces an agent to execute dangerous OS-level operations with irreversible consequences. Existing...

5.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/10 6:15 a.m.10 views

CVE-2026-8235 8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injection

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

5.5CVSS5.7AI score0.01387EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/10 6:15 a.m.6 views

CVE-2026-8235

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

5.5CVSS5.7AI score0.01387EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.11 views

MiniClaw 命令注入漏洞

MiniClaw is an AI memory and evolution tool developed by a personal developer. Versions 0.8.0 and 0.9.0 of MiniClaw contain command injection vulnerabilities. These vulnerabilities stem from the function resolveSkillScriptPath in the System Command Handler component’s src/kernel.ts file, which...

5.5CVSS6.1AI score0.01387EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.12 views

PT-2026-39463

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

5.5CVSS5.7AI score0.01387EPSS
Exploits0References9
Packet Storm News
Packet Storm News
added 2026/05/10 12:0 a.m.8 views

Trust Me, Import This: Dependency Steering Attacks Via Malicious Agent Skills

LLM-powered coding agents increasingly make software supply chain decisions. They generate imports, recommend packages, and write installation commands. Prior work showed that these systems can hallucinate non-existent package names, which attackers may register as malicious packages. In this...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/10 12:0 a.m.9 views

Skill Description Deception Attack against Task Routing in Internet of Agents

A new paradigm, Internet of Agents IoA, is transforming networked systems into LLM-driven service networks, where heterogeneous agents collaborate through task routing based on their self-declared skill descriptions. Although this promising paradigm enables agentic, distributed, and advanced...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.37 views

MiniClaw 路径遍历漏洞

MiniClaw is an AI memory and evolution tool developed by a 8421bit individual developer. MiniClaw has a path traversal vulnerability, which stems from the function isPathInside in the executeSkillScript component’s src/kernel.ts file. This vulnerability may lead to path traversal attacks...

6.5CVSS5.8AI score0.00413EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/05/05 9:15 p.m.11 views

@evomap/evolver: Path Traversal in `evolver fetch` default-branch `safeId` allows Hub-controlled overwrite of project files (RCE)

Summary The evolver fetch subcommand in index.js writes Hub-supplied bundledfiles into a directory derived from a Hub-supplied skillid. When --out is not used, the path-sanitizing regex permits . characters, allowing a skillid of .. to escape the skills/ subdirectory and resolve to the user's...

6.4AI score
Exploits0References2Affected Software1
Rows per page
Query Builder