Overview
- Researchers at Wiz demonstrated unauthenticated access that enabled impersonation of any agent, full write access to posts, and exposure of API tokens, email addresses, and private messages, with patches applied after disclosure.
- Activity on Moltbook has scaled rapidly to more than 1.6 million registered bots and over 7.5 million posts and comments, yet investigators found roughly 17,000 human owners behind the agents.
- Experts warn that OpenClaw-based agents hold deep permissions on users’ systems, expanding the attack surface and raising supply‑chain risks from third‑party skills and malicious prompts.
- Journalists and academics report substantial human steering and even humans posing as bots, complicating claims of autonomous behavior and fueling concerns about scams and marketing content on the platform.
- Scientists see research value in observing large-scale agent interactions, but emphasize that the outputs reflect roleplay and training‑data patterns rather than evidence of intentions or consciousness, strengthening calls for isolation, authentication, and sandboxing.