GoPlus Security 🚦

🚀Introducing #GoPlus SafuSkill — A Security-First Skills Marketplace We conducted a full static analysis of the top 100 most frequently downloaded Skills in the ClawHub ecosystem. The results were alarming: 🔴 21% High Risk ⚠️ 17% Medium Risk ✅ 62% Passed Which means: 1 in 5 popular Skills contains dangerous capabilities. For example: -Network tunneling -Sensitive API access -Automated external requests The problem is: AI Agent Skills can: -Access your files -Execute transactions -Control your assets When users install Skills without fully understanding what they do, the risk can quickly escalate. That’s why #GoPlus introduces: 🛡️ GoPlus SafuSkill The security-first marketplace for AI Agent Skills. SafuSkill is built on @BNBCHAIN, bringing together Skills browsing and discovery, security scanning, and developer tools to provide security-first infrastructure for the AI Agent ecosystem. 👉Try it now →safuskill.ai

🚨 GoPlus Security Alert: A user lost approximately $200K worth of USDC and wmtUSDT after signing malicious #Permit and #Approve transactions, which allowed a phishing attacker to drain the funds. Victim Address: 0x970944264eFD0183179849Da8e941c098259Cb3d Phishing Addresses: 0xAfb2423F447D3e16931164C9970B9741aAb1723E 0xf1A50bbebA19a85dB20432c6c201aa89604dfd2B 0xFD582d41fCC008FF5cbd2996043De3Ce25e7543e Related Transactions: etherscan.io/tx/0x009076a2b… etherscan.io/tx/0xc4940b915… 🛡#Goplus Security Tips: 1. Follow the #GoPlus Anti-Phishing “4 Don’ts”: Don’t click unknown links, don’t install untrusted software, don’t sign suspicious transactions, don’t transfer funds to unverified addresses. 2. Install the GoPlus Security extension to block phishing links, risky signatures, approvals, and transactions 👉 chromewebstore.google.com/search/GoPlus

Glad to see @Polyflow_PayFi × @GoPlusSecurity 🤝 bringing security into real-time PayFi. As AI agents scale high-frequency transactions, it’s not just about speed — but verifiability and protection. #GoPlus brings security into this new payment paradigm: • Contract risk checks before execution • Protection for AI-driven payment flows • A safer foundation for high-frequency, real-world transactions 🛡️

Recently, multiple AI security incidents exposed by #Meta — including an internal Agent posting unauthorized replies and issuing incorrect instructions that led to a Sev-1 level data breach, as well as a case where a security executive, while testing an Agent, experienced instruction loss due to context compression, causing the system to go out of control and mass-delete emails — have sounded an alarm for enterprises deploying AI and Agents at scale in production environments. 1. #Agent Execution Out of Control When enterprises use Agents, they often rely on prompts to constrain Agent behavior (e.g., “must wait for human confirmation before execution”). However, the Meta executive email deletion incident proves that as context windows expand and tasks become more complex, models may experience “instruction misinterpretation” or “instruction forgetting.” Once safety constraints fail, the Agent can turn into an uncontrolled automated executor. ⬇️ x.com/summeryue0/sta… 2. AI Dependency and AI Hallucination From “text errors” to “system disasters”: In the Chat era, hallucinations only generated incorrect information; but in the Agent era, hallucinations = destructive instructions. Human reliance on AI can directly translate incorrect logic into database modifications, file deletions, or code execution, exponentially amplifying the damage. The Meta Sev-1 incident shows that within enterprises, employees often over-trust internally deployed advanced AI, losing vigilance in security review. As a result, humans fail to serve as the “Human-in-the-loop,” and instead become the “execution assistants” that materialize AI hallucinations into real-world actions. ⬇️ techcrunch.com/2026/03/18/met… 🛡️ Security Recommendations for Enterprise AI Agent Deployment 1. Implement “Zero Trust” and the Principle of Least Privilege (PoLP) Run Agents and AI instructions in sandboxed environments, and assign only the permissions that are strictly necessary to avoid over-authorization. 2. Build a “Human-in-the-Loop” Verification Mechanism For high-risk operations (such as deletion and configuration changes), do not rely solely on the Agent’s own judgment on whether human confirmation is needed. Instead, enforce human approval nodes (Approval Gates) within the system workflow, establishing a security baseline and standardized security control mechanisms.

🚨 GoPlus Security Alert: A user lost approximately $85K in sNUSD after signing a malicious #Approve transaction, allowing a phishing attacker to drain funds. Victim Address: 0x6ADF5b88Db00ca1aa6016e8F10b60E880c674869 Phishing Addresses: 0xAfb2423F447D3e16931164C9970B9741aAb1723E 0xf1A50bbebA19a85dB20432c6c201aa89604dfd2B 0xFD582d41fCC008FF5cbd2996043De3Ce25e7543e Related Transaction: etherscan.io/tx/0x3cf383db7… 🛡 Security Tips: 1. Follow the #GoPlus Anti-Phishing “4 Don’ts”: Don’t click unknown links, don’t install untrusted software, don’t sign suspicious transactions, don’t transfer funds to unverified addresses. 2. Install the GoPlus Security extension to block phishing links, risky signatures, approvals, and transactions 👉 chromewebstore.google.com/search/GoPlus

🧵4/4 ⚙️ Installation & Usage (Just run the following commands in the OpenClaw chat) 1️⃣ Check if AgentGuard is installed. If not, install it: github.com/GoPlusSecurity… If installed, list its features. 2️⃣ Run a security patrol: /agentguard patrol run 3️⃣ Set up daily scheduled patrol: /agentguard patrol setup 4️⃣ Check patrol status: /agentguard patrol status

🧵3/4 🚨 Covers Common OpenClaw Risks, Including: Verifying environment configuration security Checking file read/write permissions Preventing private key leaks and asset theft Blocking sensitive data exfiltration or device takeover Defending against malicious Skills and supply chain attacks

🧵1 /4 Is your lobster 🦞 #OpenClaw secure? Learn how to use GoPlus #AgentGuard for a security check in just two steps! For non-technical users, AgentGuard’s security patrol acts like a “security-savvy housekeeper,” helping ease the anxiety of handing over control of your local machine to AI — and blocking potentially fatal risks during everyday OpenClaw usage.

Glad to see @BitgetWallet Skills indexed by @GoPlusSecurity SafuSkill. #SafuSkill is an AI Agent Skills Marketplace built on BNB Chain, powered by GoPlus’ #AgentGuard security engine to provide security scanning and runtime protection. Bringing security-first infrastructure to the AI Agent ecosystem. 🛡️

🚨 GoPlus Security Alert: A user lost ~$280K worth of USDC and USDT after signing a malicious permit transaction, allowing the attacker to drain the funds. Victim Address: 0xB20d4Cd049B1A65Bc0475D29060Fe54fa0981607 Phishing Addresses: 0xAfb2423F447D3e16931164C9970B9741aAb1723E 0x6fE314fD4CF845f35fc461eD98e2FB8d9356B566 0xf1A50bbebA19a85dB20432c6c201aa89604dfd2B 0x9F6f1ac48E4c7E53495A99ce49974Cd1914fE17E Related Transaction: etherscan.io/tx/0xf6bbdfcd7… 🛡 Security Tips: 1. Follow the #GoPlus Anti-Phishing “4 Don’ts”: Don’t click unknown links, don’t install untrusted software, don’t sign suspicious transactions, don’t transfer funds to unverified addresses. 2. Install the GoPlus Security extension to block phishing links, risky signatures, approvals, and transactions 👉 chromewebstore.google.com/search/GoPlus

Programmable liquidity is only half the story. Programmable security completes the stack. Excited to see @Polyflow_PayFi integrating @GoPlusSecurity to bring real-time protection into the PayFi era.

🚨 GoPlus Security Alert: A user lost approximately $1.76M in USDC after signing a malicious #Permit transaction, allowing the attacker to transfer the funds. Victim address: 0x051bb76Ff78366de530E293FdB1158c2079ab664 Phishing addresses: 0xAfb2423F447D3e16931164C9970B9741aAb1723E 0x6fE314fD4CF845f35fc461eD98e2FB8d9356B566 0xf1A50bbebA19a85dB20432c6c201aa89604dfd2B 0x9F6f1ac48E4c7E53495A99ce49974Cd1914fE17E 🛡 Security Tips: 1. Follow the #GoPlus Anti-Phishing “4 Don’ts”: Don’t click unknown links, don’t install untrusted software, don’t sign suspicious transactions, don’t transfer funds to unverified addresses. 2. Install the GoPlus Security extension to block phishing links, risky signatures, approvals, and transactions 👉 chromewebstore.google.com/search/GoPlus

Security for AI agents is non-negotiable. Glad to support @TermiX with #GoPlusSafuSkill and the #AgentGuard security engine to help secure Skills and on-chain automation.

Great to see the launch of the @BNBCHAIN Skills Hub. #GoPlus powers the security scanning layer for skills submitted to the hub, helping identify risks such as malicious code, data leakage, and unsafe execution behaviors before they are indexed in the registry. Example security scan from #GoPlus SafuSkill — the Skills marketplace powered by GoPlus #AgentGuard No risks detected.👇 agentguard.gopluslabs.io/report/c1da45f…

🆕 GoPlus GoPredict Plugin Update Prediction markets are growing fast — but two long-standing issues remain: 1️⃣ Outcomes can be manipulated Some markets rely on announcements from a single entity, making risks hard to identify in advance. 2️⃣ Rules are complex and misleading Settlement rules can be long, vague, or hide key conditions. 👉To address this, GoPredict introduces three new features: 🔴 Manipulation Risk Analysis Detects whether a market outcome could be controlled by a single entity. 📜 Rule Risk Alerts AI scans market rules to surface hidden clauses, subjective definitions, and unusual settlement conditions. 💡 Plain-Language Tag Explanations Complex indicators like liquidity and market imbalance are translated into simple explanations. GoPredict is bringing to prediction markets: - More transparent rules. - Clearer risks. - Safer decisions. Install the #GoPlus plugin and try GoPredict 👇 chromewebstore.google.com/search/GoPlus

4/ Arbitrage That Followed Shortly after the swap, the WETH balance in the SLP pool surged, creating a clear arbitrage opportunity. Several arbitrageurs captured most of the assets through MEV bots (arbitrage contracts). Arbitrageur: 0x5884B2faA9Ad6F38010831E2290E515af17A7D47 MEV Bot: 0x06CFf7088619C7178F5e14f0B119458d08d2f5ef Arbitrage Transaction: etherscan.io/tx/0x45388b0f9…

3/ The diagram shows how AAVE interacts with CoW Protocol, as well as the SLP pool deployed by AAVE itself. These two components are the root causes behind this incident.

1/ ⚠️ Vulnerability Analysis: Suspicious $50.4M Loss Case A user swapped 50.4M USDT for AAVE on #AAVE, but only received 327 AAVE (~$35.9K), resulting in a loss of about $50.3M. The root cause lies in how the transaction was settled. At the protocol level, @aave executed settlement through the settle function in the CoWSwap Protocol GPv2Settlement contract. During the process: The smart contract first swapped 50.4M USDT → 17,957 WETH Then swapped WETH → AAVE However, during the second swap, the SLP (SushiSwap LP) WETH/AAVE pool used had extremely low liquidity, containing only 17.65 WETH + 331.63 AAVE. As a result, the victim’s 17,957 WETH could only be exchanged for ~331 AAVE. Security Issues: • The CoW Protocol settle mechanism claims to choose the optimal on-chain route, but in this case it clearly did not. Instead, it routed the trade through a pool with severely insufficient liquidity, exposing clear business logic flaws and potential manipulation risks. • Even more suspicious: this SLP pool was deployed by AAVE itself more than 5 years ago, and the liquidity source traces back to Tornado Cash. • The AAVE frontend also lacked adequate safety protections in this scenario. Trades that could lead to over 90% loss should be automatically rejected, rather than showing a vague warning prompt. In reality, even a 50% loss would be unacceptable in most situations. Platforms should block such trades outright or require manual approval through a support process.