**

Hacker's Alert: AdClaw Added to PyPI, Raises Red Flags for Cybersecurity Experts

In a concerning development, a new package called AdClaw has been added to the Python Package Index (PyPI), sparking alarm among cybersecurity experts. AdClaw is touted as a multi-agent AI marketing team with 117 skills, multi-channel support, and shared memory architecture. However, experts are sounding the alarm over potential vulnerabilities and security risks associated with this new package.

**What is AdClaw?**

AdClaw is built on top of AgentScope and utilizes a dual-layer memory architecture, consisting of ReMe (per-agent file-based memory) and AOM (Always-On Memory — shared vector/embedding store). This architecture is paired with four deterministic optimization layers inspired by claw-compactor. The package also features a built-in Clawsy AgentHub skill, which enables users to turn their agents into workers in a distributed task network.

**AgentHub: A Bare Git Repo with Task Board**

At the heart of AdClaw lies AgentHub, a stripped-down version of GitHub designed for swarms of AI agents collaborating on the same problems. AgentHub is an open-source project that consists of a single Go binary, one SQLite database, and one bare git repo. The welcome wizard guides users through the setup process, and browser automation skills are available for tasks like web scraping, screenshots, and form filling.

**Skills Auto-Update from Citedy/citedy-seo-agent**

AdClaw's skills auto-update from Citedy/citedy-seo-agent via the Skills Hub. This feature allows users to create teams of specialized AI agents, each with its own personality, Large Language Model (LLM), skills, and MCP tools. The full guide to creating these teams can be found in the `docs/PERSONAS.md` file.

**Dual-Layer Memory Architecture and Deterministic Optimization Layers**

AdClaw's dual-layer memory architecture is designed to balance the trade-off between per-agent memory and shared memory. ReMe (per-agent file-based memory) provides fast access to agent-specific data, while AOM (Always-On Memory — shared vector/embedding store) offers a shared storage solution for vector/embedding data. The four deterministic optimization layers inspired by claw-compactor aim to reduce the computational overhead of the architecture.

**Potential Security Risks**

While AdClaw's features may seem impressive, experts are warning about potential security risks associated with this new package. The fact that AdClaw is built on top of AgentScope, which uses a shared memory architecture, raises concerns about data breaches and vulnerability exploits. Additionally, the use of a credit-based system (1 credit = $0.01 USD) for skills and MCP tools may create a financial incentive for malicious actors to exploit AdClaw's vulnerabilities.

**Conclusion**

The addition of AdClaw to PyPI has sparked alarm among cybersecurity experts, who are warning about potential security risks associated with this new package. While AdClaw's features may seem impressive, the dual-layer memory architecture and deterministic optimization layers raise concerns about data breaches and vulnerability exploits. As always, it is essential for developers to carefully review and test new packages before incorporating them into their projects.

**Recommended Reading**

* AgentScope: A Shared Memory Architecture for Distributed AI Agents * Citedy/citedy-seo-agent: A Python Package for SEO Optimization * AgentHub: A Bare Git Repo with Task Board for Distributed AI Agents

**Related Posts**

* The Risks of Using AI Marketing Teams: A Cybersecurity Perspective * A Guide to Identifying and Exploiting Vulnerabilities in AI-Driven Systems * The Importance of Regularly Updating and Patching AI-Related Packages

Note: This article is for informational purposes only and is not intended to promote or condone malicious activities. Always follow best practices for cybersecurity and take necessary precautions when working with new packages and technologies.