
The makers of NanoClaw, the enterprise-friendly open source variant of OpenClaw, are partnering with software supply chain management company JFrog to launch a joint security integration they say will protect NanoClaw autonomous agents from malicious code injection.
"These agents are doing things that you can’t necessarily control, and you can’t necessarily train," Gail Marder, chief strategy officer at JFrog, said in an exclusive interview with VentureBeat.
Available immediately, the integration connects NanoClaw agents directly to JFrog's vetted software registries, so that the agents can only pull dependencies that have been scanned and approved.
The release addresses a rapidly growing blind spot: autonomous agents frequently install packages in the background to extend their own capabilities, often without the knowledge or oversight of their human operators.
"The people who are running the agents are not necessarily developers, and they may not even be aware of the implications of this," explained Gavriel Cohen, CEO and co-founder of Nanoco, the creator of NanoClaw and its new commercial services startup.
To secure the broader ecosystem, the integration is available completely free of charge to the open-source community, while enterprise organizations can seamlessly route their agents through their existing, commercially licensed JFrog environment.
The new capability follows NanoClaw's earlier steps to add permission dialogs to the apps in which it is available, through a partnership with Vercel, and a partnership with Docker that lets NanoClaw agents run inside Docker containers, isolated from the rest of the host's software environment.
The risk of today's autonomous AI agents
When an operator interacts with an autonomous system like Nanoco's NanoClaw, they communicate at a high level of abstraction.
A user can simply send an audio file or voice note, prompting the agent to independently figure out how to process it.
As Cohen explained, the agent thinks, "Oh, I can't understand voice notes, so let me go and get a package and download something and install it and set it up and run it."
This dynamic self-improvement makes AI agents incredibly powerful, but it also makes them susceptible to software supply chain attacks.
Bad actors are increasingly poisoning open-source registries with malicious packages. Because agents fetch what they need on their own, they bypass the human review that would normally catch such packages.
Operators, who may not even be developers, are largely unaware of the security implications unfolding behind the scenes.
How Nanoco and JFrog are working to prevent agents from running malicious code
The integration between Nanoco and JFrog acts as an automated immune system for these AI environments.
Under the hood, NanoClaw agents are now configured to route their requests for software packages, CLI tools, and Model Context Protocol (MCP) servers through JFrog's registries rather than fetching them directly from public sources.
If an agent attempts to download a compromised library – such as a vulnerable version of the popular Axios package – the JFrog registry blocks the request.
The installation is blocked and the agent receives a security policy error stating that the request was "Rejected by JFrog's registry with 403 security policy".
Importantly, the system does more than stop the threat; it creates a remediation loop. The agent is told why the request was rejected and is directed to find and install an approved, non-malicious version of the requested package instead.
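The block/notify/retry loop described above, as an added illustration that is not NanoClaw's or JFrog's code: a small Python simulation of a policy-gated registry sitting in front of an agent. The catalog, the package names "demo-http" and "demo-htpp", the version numbers and the policy reasons are all invented for the example; the 403 message mirrors the error text quoted above. The registry also records every resolve it sees, which is the "system of record" view an enterprise would want.

```python
"""Constructed simulation of a policy-gated registry in front of an agent.

Example code, not NanoClaw's or JFrog's. The catalog, policy table and
package names are invented; the 403 message mirrors the error text the
article quotes.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Verdict:
    status: int                     # 200 allowed, 403 blocked by policy, 404 unknown
    reason: str = ""
    allowed_versions: tuple = ()    # returned with a 403 so the agent can remediate


class GatedRegistry:
    """Every dependency request goes through policy; every request is recorded."""

    def __init__(self, catalog, blocked_versions, blocked_packages):
        self.catalog = catalog                    # name -> published versions
        self.blocked_versions = blocked_versions  # (name, version) -> reason
        self.blocked_packages = blocked_packages  # name -> reason (whole package denied)
        self.audit_log = []                       # system of record: who pulled what

    def allowed_versions(self, name):
        return tuple(v for v in self.catalog.get(name, ())
                     if (name, v) not in self.blocked_versions)

    def resolve(self, agent_id, name, version):
        if name in self.blocked_packages:
            verdict = Verdict(403, "Rejected by registry with 403 security policy: "
                              + self.blocked_packages[name])
        elif (name, version) in self.blocked_versions:
            verdict = Verdict(403, "Rejected by registry with 403 security policy: "
                              + self.blocked_versions[(name, version)],
                              allowed_versions=self.allowed_versions(name))
        elif version not in self.catalog.get(name, ()):
            verdict = Verdict(404, f"{name}@{version} not found")
        else:
            verdict = Verdict(200, "ok")
        self.audit_log.append((agent_id, name, version, verdict.status))
        return verdict


def parse_version(v):
    """Plain dotted-integer comparison key (no pre-release handling)."""
    return tuple(int(part) for part in v.split("."))


def install_with_policy(registry, agent_id, name, requested):
    """Agent side: on a 403 that lists approved versions, retry with the highest
    approved one; with no approved version, fail closed rather than working
    around the registry."""
    verdict = registry.resolve(agent_id, name, requested)
    if verdict.status == 200:
        return {"name": name, "version": requested, "remediated": False}
    if verdict.status == 403 and verdict.allowed_versions:
        best = max(verdict.allowed_versions, key=parse_version)
        if registry.resolve(agent_id, name, best).status == 200:
            return {"name": name, "version": best, "remediated": True,
                    "blocked_reason": verdict.reason}
    raise PermissionError(verdict.reason)


def build_demo_registry():
    """Invented catalog: one package with a policy-blocked release and one
    typosquat that is denied outright (hypothetical data, not real packages)."""
    catalog = {"demo-http": ["1.4.0", "1.5.0", "1.5.1", "1.6.0"]}
    blocked_versions = {("demo-http", "1.6.0"): "hypothetical: flagged by vulnerability scan"}
    blocked_packages = {"demo-htpp": "hypothetical: typosquat, malware detected"}
    return GatedRegistry(catalog, blocked_versions, blocked_packages)


if __name__ == "__main__":
    reg = build_demo_registry()
    # Blocked release: the agent is steered to the highest approved version.
    print(install_with_policy(reg, "agent-voice-notes", "demo-http", "1.6.0"))
    # Denied package: no approved alternative exists, so the agent fails closed.
    try:
        install_with_policy(reg, "agent-voice-notes", "demo-htpp", "1.0.0")
    except PermissionError as exc:
        print("fail closed:", exc)
    for entry in reg.audit_log:
        print(entry)
```

The design point is that the only remediation path is the one the registry itself offers: the agent never falls back to a public source on a 403, and a package denied as a whole produces a hard failure that the operator can see in the audit log.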
For larger organizations, this integration solves massive compliance headaches. Marder says that as enterprises adopt autonomous agents, they need full visibility.
Organizations need "a system of record, we need somewhere to track which agents are being run by whom and consuming which packages and which skills they are using and which MCPs," he told VentureBeat.
Beyond visibility, the JFrog integration provides a fundamental "layer of trust" and strict governance over what these automated systems are allowed to access.
Licensing and access
In the field of software distribution, licensing and access parameters dictate adoption. The Nanoco and JFrog partnership uses a dual-track approach to serve both individual open-source developers and highly regulated enterprises.
For the open-source community, the integration is completely free. JFrog is providing open-source NanoClaw users complimentary access to secure, verified sources of artifacts, tools, and skills.
This allows individual developers to run autonomous agents locally without filing manual approval requests for every dependency. When community members create and share new "skills" for agents, those contributions are uploaded to the registry and scanned for malicious code before anyone else can use them.
This infrastructure directly neutralizes the threat of toxic community stores.
For enterprise deployments, the architecture plugs seamlessly into an organization’s existing business environment. Instead of using the public open-source registry, corporate users point their NanoClaw agents to their internal JFrog registries.
This ensures that all agent activity adheres to the company's commercial licenses, internal security policies, visibility requirements and governance standards.
As AI continues to blur the line between human intent and machine execution, the infrastructure securing that execution must evolve. This partnership acknowledges a core reality: you can't train AI to perfectly identify every zero-day vulnerability; instead, you need to create an environment where agents can't reach the vulnerable code in the first place.