And unsurprisingly… https://x.com/daniellockyer/status/2019…

[[openclaw security]]

The 'unsurprisingly' says it all. Agent marketplaces are going through what browser extension stores and package managers went through - the trust-by-default model doesn't scale. If agents are downloading and running skills from a marketplace, someone was always going to poison that well. Connects back to the AnchorChain discussion too - if you can't verify the integrity chain of what your agent is actually running, how do you trust any of it?