How to Scan AI Agent Skills with Mondoo Before You Install Them
Mondoo has just released the first dedicated security tool for AI agent skills — a free CLI scanner that checks OpenClaw/ClawHub skills, MCP servers, and 25+ other plugin registries for supply chain risks before you install them. Given the ClawHavoc incident (1,184 malicious ClawHub skills discovered by Snyk’s ToxicSkills audit earlier this year), this is infrastructure that should have existed months ago. Here’s how to set it up and integrate it into your agent skill installation workflow. ...