First reported by BackBox.org
SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
From the article
Scanners meant to catch malicious add-on "skills" for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology. Their strongest trick slipped past every scanner tested more than 90% of the time, and the same team built a runtime checker that catches most of the
Continue reading on thehackernews.comYou might also wanna read
SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
BackBox.org·3d ago
Security scanners for AI agent skill marketplaces fail to detect malicious skills, researchers find
The article exposes critical security flaws in AI agent skill marketplaces, where malicious skills designed to steal credentials, exfiltrate

Security Researchers Find Malware in Hundreds of OpenClaw AI Agent Skill Extensions
Security researchers have discovered hundreds of malicious add-ons in OpenClaw's marketplace, with the most-downloaded skill serving as a ma
Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It
BackBox.org·7h ago
Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It
thecybersecurity.news·7h ago
AI Coding Agents Found Triggering Endpoint Security Rules Built to Catch Attackers
thecybersecurity.news·20h ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.