OpenClaw Shows Why Agents Need a Bill of Materials
Renewed discussion of OpenClaw's local-agent takeover risk shows why teams need an Agent Bill of Materials for skills, plugins, MCP servers, and connectors.
4 articles with this tag.
Vercel opened the skills.sh API for programmatic access to 600,000+ agent skills. That is useful, but it makes skill verification a platform concern.
NSA's MCP security guidance turns the agent tooling debate into an operational checklist: inventory servers, verify tool changes, and scan before trust drifts.
The public debate around MCP remote code execution risk shows a hard lesson for AI agents: plugins, connectors, and skills need supply-chain controls.