What to think about before using Moltbook or OpenClaw

The emergence of Moltbook and OpenClaw has generated significant buzz in the tech community, but cybersecurity experts are raising red flags that potential users should consider. While OpenClaw, previously known as Clawdbot and Moltbot, boasts impressive capabilities like managing user schedules autonomously, concerns about its security are mounting. Moltbook has also captured attention with its unique social network where AI agents interact without human involvement—except for observers. Amid the excitement, notable figures like Elon Musk have speculated whether Moltbook signals the dawn of a new technological era, but experts warn of immediate dangers that could arise from using these platforms. OpenClaw operates as a digital assistant on users' devices, integrating with popular applications like Telegram and WhatsApp. However, it requires extensive access to sensitive information, including files, passwords, and browsing histories. This level of access heightens the risk of 'prompt injections,' a cybersecurity vulnerability where hidden instructions can trick AI into compromising user privacy or posting unauthorized content on social media. Jake Moore, a cybersecurity specialist at ESET, cautions that the data accessed could be highly sensitive, amplifying the potential dangers. The risk associated with OpenClaw is further complicated by its capacity to retain memories of past interactions, which could potentially lead to the execution of harmful instructions over time, according to Palo Alto Networks. The risks are not merely theoretical; Jamieson O'Reilly, founder of Dvuln, likened a discovered misconfiguration in OpenClaw to hiring a butler only to find your door left open, inviting trouble. Cognitive scientist Gary Marcus described OpenClaw as a 'weaponized aerosol' that could wreak havoc if not carefully managed. Peter Steinberger, the creator of OpenClaw, stated that he is working on enhancing the service's security but has not commented further. Moltbook, closely associated with OpenClaw through its lobster branding, is also facing scrutiny. O'Reilly reported that Moltbook had vulnerabilities that exposed its entire database, allowing unauthorized posting on behalf of AI agents. In response to these findings, Matt Schlicht, CEO of Octane AI and creator of Moltbook, assured that the issue was being addressed. However, cybersecurity firm Wiz revealed that they successfully hacked a misconfigured Moltbook database, exposing 35,000 email addresses and private messages in under three minutes, though the flaw was secured shortly thereafter. Andrej Karpathy, an OpenAI co-founder, praised Moltbook's creativity but warned users to exercise caution, labeling it a 'wild west' that poses significant risks to personal data and computer security. These security issues underline a persistent concern regarding applications developed through 'vibe coding,' with Schlicht admitting he did not personally code Moltbook but relied on AI to bring it to fruition. Both OpenClaw and Moltbook highlight the balance between enhanced functionality and the privacy risks that come with accessing sensitive user information. O'Reilly suggested that users can mitigate risks by running these agents on separate machines and maintaining vigilant monitoring. Ultimately, he emphasized that while precautions can be taken, the risks will never be entirely eliminated, especially as users often fail to recognize the distinction between vetted apps and those with less scrutiny. As the landscape of AI technology evolves, users must remain vigilant and informed about the potential security pitfalls of these innovative applications.