Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We are thrilled to announce a strategic partnership with Cline Bot Inc. to bridge the gap between autonomous speed and enterprise trust. By embedding Snyk’s security intelligence directly into Cline’s autonomous loops, we are delivering an end-to-end automated secure coding workflow that empowers developers to innovate with confidence. The evolution of AI coding tools is accelerating rapidly. We have moved from simple completion to sophisticated chat, and now to full autonomy.

The promise of AI-driven development is speed. But security teams face a binary choice: slow down the AI train to ensure safety, or let it run wild and accumulate risk. At Snyk, we believe you shouldn't have to choose.

Why don’t developers fix every AppSec vulnerability, every time, as soon as they’re found? The most common answer? Time. Modern security tools can surface thousands of vulnerabilities in a given codebase. Fixing them all would take up a development team’s entire capacity, often competing with feature development and other priorities.

For most engineering teams, AI feels like a breakthrough years in the making. Code gets written faster, reviews move quicker, and releases that once took weeks now happen in days—or even hours. But as more of the software lifecycle becomes automated, a less comfortable reality is setting in: application security hasn’t kept pace, and AI-native security practices are often missing. When AppSec foundations are immature, AI doesn’t reduce risk—it scales it.

If you've been paying attention to the AI agent space over the past few months, you've probably noticed a pattern: every week brings a new story about an AI agent doing something it absolutely should not have done: reading private emails, exfiltrating credentials, or executing shell commands that a human would have never approved. The OpenClaw saga alone gave us exposed databases, command injection vulnerabilities, and a $16 million scam token, all in the span of about five days.

Maybe you’re an AI builder, or maybe you’re a CISO. You've just authorized the use of AI agents for your dev team. You know the risks, including data exfiltration, prompt injection, and unvetted code execution. So when your lead engineer comes to you and says, "Don't worry, we're using Skill Defender from ClawHub to scan every new Skill," you breathe a sigh of relief. You checked the box. But have you checked this Skills scanner?

You ask your OpenClaw agent to "check my Gmail." It replies, "I need to install the Google Services Action skill first. Shall I proceed?" You say yes. The agent downloads the skill from ClawHub. It reads the instructions. Then, it pauses. "This skill requires the 'openclaw-core' utility to function," the agent reports, displaying a helpful download link from the skill's README. "Please run this installer to continue." You copy the command. You paste it into your terminal. You have just been compromised.

The first comprehensive security audit of the Agent Skills ecosystem reveals malware, credential theft, and prompt injection attacks targeting OpenClaw, Claude Code, and Cursor users Agent skills are reusable capability packages that instruct AI agents how to interact with tools, APIs, or system resources—and they're rapidly becoming standard in AI-powered development.

On Monday, February 3rd, Snyk Staff Senior Engineer Luca Beurer-Kellner and Senior Incubation Engineer Hemang Sarkar uncovered a massive systemic vulnerability in the ClawHub ecosystem (clawhub.ai). Unlike the malware campaign we reported yesterday involving specific malicious actors, this new finding reveals a broader, perhaps more dangerous trend: widespread insecurity by design. In this write-up, Snyk is presenting Leaky Skills - uncovering exposed and insecure credentials usage in Agent Skills.

In introducing the AI Security Fabric, we have outlined how security must evolve as software is built by humans, models, and autonomous agents working at machine speed. The Fabric defines the architectural shift required to build trust at AI speed, delivered through the Snyk AI Security Platform. We’re now focusing on the next question: how organizations put that vision into practice. Operationalizing AI security is not about enabling a single feature or deploying a tool.