OpenClaw adds VirusTotal scanning to harden AI agent skills

Agentic platforms like OpenClaw are where the rubber meets the road for autonomous AI—and they’re already hitting hard security walls. Security firms documented hundreds of malicious skills and unsanctioned enterprise deployments, prompting Gartner to call OpenClaw “an unacceptable cybersecurity liability” even as it showcased what fully‑tooled agents can do for productivity. The VirusTotal integration is a pragmatic first step toward cleaning up that ecosystem: hash‑based and LLM‑assisted scanning will catch a lot of commodity malware and obviously hostile packages before they reach users.

For the AGI race, this is less about one product and more about whether society can make agent platforms safe enough to keep deploying them. The path to AGI almost certainly runs through agents that can operate software, access data and take real‑world actions—exactly the surfaces attackers love. By reusing VirusTotal’s infrastructure, and especially its Gemini‑powered Code Insight, OpenClaw is effectively chaining one AI system to secure another. If this model of layered AI‑for‑AI defense proves workable, it could become a template as agents spread into finance, healthcare and critical infrastructure. If it fails, expect a regulatory backlash that forces much slower, more locked‑down experimentation.