Close Menu
    What's Hot

    Your next budget problem may not be electricity—but your water bill

    Graham’s Death Complicates G.O.P. Agenda in Congress

    Three Palestinians killed, 15 wounded in Israeli attacks across Gaza | Israel-Palestine conflict News

    Facebook X (Twitter) Instagram
    Trending
    • Your next budget problem may not be electricity—but your water bill
    • Graham’s Death Complicates G.O.P. Agenda in Congress
    • Three Palestinians killed, 15 wounded in Israeli attacks across Gaza | Israel-Palestine conflict News
    • The Best Movies to Stream This Month (July 2026)
    • Enzo Fernandez: Xabi Alonso determined to keep wantaway Argentina World Cup star at Chelsea – Paper Talk | Football News
    • Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
    • Opinion | Are Fears of American Gerontocracy Fair?
    • Opinion | The Ridiculous Rise of Victor Marx
    interluknewsinterluknews
    • Home
    • Business
      • Corporate News
      • Industry Insights
      • Startups & Entrepreneurship
      • Technology & Innovation
    • Economy
      • Economic Policy
      • Financial Analysis
      • Inflation & Interest Rates
      • Trade & Markets
    • Global
      • Conflicts & Security
      • Diplomacy
      • Global Trends
      • International Affairs
    • Lifestyle
      • Fashion
      • Food & Dining
      • Personal Development
      • Travel
    • Opinion
      • Columns
      • Editorials
      • Expert Opinions
      • Reader Voices
    • More
      • Politics
        • Elections
        • Government & Policy
        • International Relations
        • Political Analysis
      • Sports
        • Cricket
        • Football / Soccer
        • International Sports
        • Local Sports
      • Technology
        • Artificial Intelligence
        • Cybersecurity
        • Gadgets & Reviews
        • Tech News
      • South Africa News
    Facebook X (Twitter) Instagram
    interluknewsinterluknews
    Startups & Entrepreneurship

    NanoClaw and JFrog launch ‘immune system’ to block AI agents from downloading malicious code

    adminBy adminJune 12, 2026No Comments5 Mins Read
    Share Facebook Twitter Pinterest Copy Link Telegram LinkedIn Tumblr Email
    NanoClaw and JFrog launch ‘immune system’ to block AI agents from downloading malicious code
    Share
    Facebook Twitter LinkedIn Pinterest Email

    The creators of the hit, enterprise-friendly, open source OpenClaw variant NanoClaw are partnering with software supply chain management leader JFrog have to launch a new, joint security integration they say will protect NanoClaw autonomous agents from malicious code injection.

    “These agents are doing things that you cannot necessarily control, and you cannot necessarily train,” said Gal Marder, Chief Strategy Officer at JFrog, in an exclusive interview with VentureBeat.

    Available immediately, the partnership hardwires NanoClaw agents directly to JFrog’s vetted software registries, ensuring that AI assistants can only pull scanned, safe dependencies.

    The release addresses a rapidly growing blind spot in tech: autonomous agents frequently install packages in the background to extend their capabilities, often without their human operators’ knowledge or oversight.

    “The people who are operating the agents are not necessarily developers, and they are not even aware of the implications,” explained Gavriel Cohen, creator of NanoClaw and CEO and co-founder of its new commercial services startup, NanoCo AI.

    To secure the broader ecosystem, the integration is available completely free of charge for the open-source community, while enterprise organizations can seamlessly route their agents through their existing, commercially licensed JFrog environments.

    The new technical capability enabled by this partnership follows NanoCo’s moves to add permissions dialogs across the apps in which it’s available via a partnership with Vercel, and a new partnership with Docker to allow NanoClaw agents to run more securely, isolated from other software environments directly inside Docker virtual containers.

    The risk of current, personal autonomous AI agents

    When an operator interacts with an autonomous system like NanoCo’s NanoClaw, they communicate at a high level of abstraction.

    A user might simply send an audio file or a voice note, prompting the agent to independently figure out how to process it.

    As Cohen explained, the agent thinks, “oh, I can’t understand voice notes, so let me go and grab a package and download something and install it and set it up and run it”.

    This dynamic self-improvement makes AI agents incredibly powerful, but it also renders them highly susceptible to software supply chain attacks.

    Bad actors are increasingly poisoning open-source registries with malicious packages. Because agents act autonomously to fetch what they need, they bypass human scrutiny.

    The operators, who may not even be developers, are largely unaware of the security implications unfolding behind the scenes.

    How NanoCo and JFrog are working to stop agents from running malicious code

    The integration between NanoCo and JFrog acts as an automated immune system for these AI environments.

    Under the hood, NanoClaw agents are now configured to route their requests for software packages, CLI tools, and Model Context Protocol (MCP) servers exclusively through JFrog’s registries.

    If an agent attempts to download a compromised library—such as a vulnerable version of the popular Axios package—the JFrog registry intercepts the request.

    It blocks the installation, returning a security policy error to the agent, noting that the request was “rejected by JFrog’s registry with a 403 security policy”.

    Crucially, the system does not just stop at blocking the threat; it creates a dynamic correction loop. The agent is notified of the vulnerability and guided to automatically seek out and install an approved, non-malicious version of the requested package instead.

    For large organizations, this integration solves a massive compliance headache. Marder notes that as enterprises adopt autonomous agents, they require absolute visibility.

    Organizations need “a system of record, we need somewhere to track what agents that’s running by whom and consuming what packages and using what skills and using what MCPs,” he told VentureBeat.

    Beyond visibility, the JFrog integration provides a foundational “trust layer” and strict governance over what these automated systems are permitted to access.

    Licensing and accessibility

    In the realm of software distribution, licensing and access parameters dictate adoption. The NanoCo and JFrog partnership utilizes a dual-track approach to serve both individual open-source developers and highly regulated enterprises.

    For the open-source community, the integration is completely free. JFrog is providing open-source NanoClaw users with complimentary access to safe, vetted sources of artifacts, tools, and skills.

    This allows individual developers to run autonomous agents locally without drowning in manual approval requests for every single dependency. Furthermore, as community members build and share new “skills” for the agents, these contributions are uploaded to the registry, scanned for malicious code, and cleared before anyone else can use them.

    This infrastructure directly neutralizes the threat of poisoned community repositories.

    For enterprise deployments, the architecture plugs seamlessly into an organization’s existing commercial environment. Rather than using the public open-source registry, corporate users point their NanoClaw agents to their own internal JFrog registries.

    This ensures that all agent activity adheres to the company’s specific commercial licenses, internal security policies, visibility needs, and governance standards.

    As AI continues to blur the line between human intent and machine execution, the infrastructure securing that execution must evolve. This partnership acknowledges a core reality: you cannot train an AI to perfectly recognize every zero-day vulnerability; instead, you must build an environment where the agent simply cannot reach the vulnerability in the first place.

    agents block Code Downloading Immune JFrog launch malicious NanoClaw system
    Follow on Google News Follow on Flipboard
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
    Previous ArticleSpaceX shares soar 30% midday, vaulting it to top six most valuable U.S. companies
    Next Article Spain’s Church Hopes Pope Trip Will Stem Secular Tide
    admin
    • Website

    Related Posts

    Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

    July 13, 2026

    AI agents create virtual playgrounds to help robots get crucial training data | MIT News

    July 13, 2026

    New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email

    July 13, 2026
    Leave A Reply Cancel Reply

    Demo
    Latest Posts

    Your next budget problem may not be electricity—but your water bill

    Graham’s Death Complicates G.O.P. Agenda in Congress

    Three Palestinians killed, 15 wounded in Israeli attacks across Gaza | Israel-Palestine conflict News

    The Best Movies to Stream This Month (July 2026)

    Latest Posts

    Subscribe to News

    Get the latest sports news from NewsSite about world, sports and politics.

    Advertisement
    Demo

    We are a digital news platform delivering timely, accurate, and insightful coverage of politics, global affairs, business, economy, sports, and more. Our mission is to keep readers informed with reliable news, clear analysis, and stories that truly matter.
    We're social. Connect with us:

    Facebook X (Twitter) Instagram Pinterest YouTube

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Type above and press Enter to search. Press Esc to cancel.

    Powered by
    ...
    ►
    Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
    None
    ►
    Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
    None
    ►
    Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
    None
    ►
    Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
    None
    ►
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
    None
    Powered by