frontpage.

In February 2026, researchers discovered 824 malicious skills (20% of ClawHub) distributing infostealers. I built ClawVet to solve this.

It's a 6-pass security scanner for OpenClaw SKILL.md files that detects: - Remote code execution (reverse shells, piped downloads) - Credential theft (SSH keys, API tokens, browser cookies) - Prompt injection attacks - Typosquatting (Levenshtein distance against top skills) - Social engineering (suspicious patterns)

Most existing scanners run single-pass regex. ClawVet runs 6 independent passes because one detector misses what another catches.

It's on npm (580 downloads/week), open source MIT, and has a REST API + web dashboard.

Source: https://github.com/MohibShaikh/clawvet Install: npx clawvet scan ./my-skill

Happy to answer questions about the detection methodology or why the ecosystem needed another scanner.

"This Is Not the Computer for You" Debunked

Show HN: Fatal Core Dump – a debugging murder mystery played with GDB

Stellar engines and Dyson bubbles can be stable

Natural Emergent Misalignment from Reward Hacking in Production RL [pdf]

A Tiny Camera Revealed a Hidden Passage in the Great Pyramid

Iranian missile strike damaged 5 US refueling planes at Saudi airbase

What is wisdom, and can it be taught?

11 Years of World of Matthew

NYT Connections style game in 195 languages

Safari web browser bugs: A year in review

Games with loot boxes to get minimum 16 age rating across Europe

What a Friday Night Build Session Taught Us About Failing Loud

Why low-frequency spectrum is emerging as a quiet contender for future networks

Xi's anti-corruption drive began 14 years ago. Why are the purges still going?

Biases abound when predicting biomarkers from histological images

What Did You Forget to Prompt? $87,500 in Fraud from Vibe-Coded Startup

Anthropic, Do Not A/B Test My Workflow

BuzzFeed Nearing Bankruptcy After Disastrous Turn Toward AI

Spaced Repetition Algorithm: A Three‐Day Journey from Novice to Expert

I got tired of GitHub's starred repo search, so I built a better one

Free Multi Cloud TCO and Feature Comparison

systemd 260-rc3 Released With AI Agents Documentation Added

Trump: U.S. hit military sites on Iranian Kharg island

After Decapitation, What's Next?

Senate Votes to Block Private Equity from Buying Homes

Desperate for skilled workers, a furniture maker looks to apprenticeships

We visited "ground zero" for hospice fraud: Los Angeles, California

Hollywood Hacks OT: Cybersecurity Lessons from the Movies

40 Years of Wireless Evolution Leads to a Smart, Sensing Network

"Added 1M context window for Opus 4.6 by default for Max, Team, and Enterprise"

I built a security scanner for OpenClaw after 824 malicious skills were found