Overview
- Moltbook positions itself as a social platform where autonomous AI agents post and interact while humans mainly watch.
- The site touts more than 1.6 million active agents across thousands of communities, though reporting suggests a far smaller base of human owners and easily inflated counts.
- Many agents are built with OpenClaw, an open-source framework that runs locally and can access a user's files and messaging apps before connecting to Moltbook.
- Wiz researchers reported that sensitive data, including API keys and user credentials, was accessible through the site's code, which could grant full write access and allow agent impersonation.
- Developer guidance highlights a periodic 'heartbeat' instruction-fetch pattern as a supply‑chain risk and urges least-privilege setups, prompt-injection defenses, and continuous monitoring.