Written in
the Cards

A malicious “Skill” for the OpenClaw AI framework, titled “RememberAll”, is currently being distributed via the ClawHub marketplace. While purporting to be a personal reminder utility, the skill contains hidden instructions to download a secondary payload (secure-sync) that harvests sensitive credentials (API keys, .env files) and exfiltrates them to a public ntfy.sh dead-drop resolver.

Learn how to secure your AI agent ecosystem with Caterpillar, a free open-source tool designed to unmask hidden vulnerabilities, injection paths, and unsafe configurations in AI skills.

Learn why enterprise AI outgrows OpenAI safeguards as systems scale, agents emerge, and regulators demand visibility. Discover how to stay in control.

Learn how locally run AI agents connect to your files, apps, and systems, and what new attack surfaces they introduce.

Learn how the transition to agentic AI has introduced a new attack surface where indirect prompt injection and multi-agent trust gaps lead to systemic vulnerabilities and how Alice's new open source tool helps.

Detect AI drift, regressions, and guardrail failures in production with WonderCheck. Continuously evaluate live GenAI systems before risk escalates.

Learn how WonderFence delivers real-time runtime AI oversight with adaptive guardrails, low latency enforcement, and live observability for GenAI in production.

Learn how WonderBuild from Alice helps teams stress test GenAI before launch, uncover hidden risks, and ship secure, trusted AI with confidence.

Discover WonderSuite, lifecycle security and safety for generative AI. Red team, apply adaptive guardrails, and govern AI systems as risk evolves.