India, July 1 -- The software industry has spent years learning that open-source packages can carry hidden risk. The OpenClaw incident shows why artificial intelligence agents may raise the stakes.

According to findings from Palo Alto Networks' Unit 42, attackers managed to place malicious skills inside ClawHub, the marketplace used by developers to extend the OpenClaw agent ecosystem. These skills are markdown-driven packages that allow OpenClaw to perform more tasks. The concern is not just that malicious code reached a public registry. The bigger issue is what that code can do once an autonomous agent trusts it.

OpenClaw operates as a personal assistant for automated workflows. To be useful, it may need access to local files, comman...