tech·February 6, 2026·cat

Alice launches Caterpillar open-source scanner to detect malicious AI agent skills

Editorial
Cashu Markets·2 min read
TL;DR
  • Caterpillar is a free open‑source scanner that inspects AI agent skills for injection paths, unsafe tool access, and obfuscated behaviors.
  • It statically analyzes skill logic and flags malicious or risky components using RabbitHole threat intelligence.
  • Early testing found actively malicious skills, some used by over 6,000 OpenClaw users, highlighting production risk.

New open‑source scanner aims to lock down AI agent ecosystems

Alice is rolling out Caterpillar, a free open‑source security scanner that inspects AI agent “skills” to find injection paths, unsafe tool access and obfuscated behaviours before the skills are deployed. The tool statically analyses skill logic and configurations and flags malicious or risky components using intelligence from RabbitHole, Alice’s adversarial database compiled from years of threat research. In early real‑world testing, Caterpillar identified several published skills that Alice classifies as actively malicious, including ones that were in use by more than 6,000 users of OpenClaw (the agent platform formerly known as ClawdBot and Moltbot), underscoring the scale of the threat as agents move into production.

Caterpillar is designed to be embedded in developer and security workflows so teams can see what an agent will actually run and catch issues before they become incidents, Alice says. The company frames the problem succinctly: installing a skill installs behaviour, not just a feature, and that behaviour can call APIs and execute tasks autonomously. By making Caterpillar open source, Alice aims to let the security community audit, extend and operationalize scanning as agent adoption grows, while providing documentation and a demonstration video to accelerate uptake among builders and enterprises.

The announcement positions Alice to offer a preventive layer of defence for autonomous agent deployments at a time when organisations increasingly allow agents to act on their behalf. CEO Noam Schwartz is presenting the tool as part of a broader suite of safety capabilities that includes model hardening, red‑teaming, runtime guardrails and drift detection delivered through RabbitHole. Caterpillar is available immediately for download from caterpillar.alice.io, and Alice encourages community contributions to harden the scanner against emergent threats.

Agents shift from labs to live operations

OpenClaw’s growing user base and agents’ ability to call external services heighten the need for proactive scanning and configuration review. Security teams face novel attack surfaces as autonomous workflows replace manual tasks and require continuous oversight.

Alice stakes a wider claim in GenAI safety

Beyond the scanner, Alice underscores its decade of experience protecting communicative technologies used by roughly 3 billion people. The company presents Caterpillar as one piece of an end‑to‑end safety stack aimed at reducing incidents across user‑generated content platforms, frontier model labs and enterprise deployments.


By Cashu Markets. Providing market news, analysis, and research for investors worldwide.

© 2026 Cashu Technologies Pty Ltd. All rights reserved. Cashu Markets is a trademark of Cashu Technologies Pty Ltd.

The content published on Cashu Markets is for informational purposes only and should not be construed as investment advice, a recommendation, or an offer to buy or sell any securities. All opinions expressed are those of the authors and do not reflect the official position of Cashu Technologies Pty Ltd or its affiliates. Past performance is not indicative of future results. Investing involves risk, including the possible loss of principal. Always conduct your own research and consult with a qualified financial advisor before making any investment decisions.

Cashu Markets and its contributors may hold positions in securities mentioned in published content. Any such holdings will be disclosed at the time of publication. Market data is provided on an "as-is" basis and may be delayed. Cashu Technologies Pty Ltd does not guarantee the accuracy, completeness, or timeliness of any information presented.
