Manifold Security recently discovered 23 code-executing plugins on ClawHub that improperly used official organizational namespaces. These plugins were published under the @openclaw/ and @clawhub/ scopes by third-party accounts with no connection to the actual organizations. This discovery highlights a significant supply chain vulnerability in the rapidly expanding AI agent ecosystem. ClawHub is a popular registry […]
The post AI Agent Supply Chain Risk Found in 23 ClawHub Plugins Using Official-Looking Namespaces appeared first on Cyber Security News.