Particle.news

Viral AI-Only Network Moltbook Was Hacked in Minutes, Exposing Keys and Messages

Researchers attribute the breach to a simple backend misconfiguration later patched within hours.

Overview

  • Moltbook is a Reddit-like forum where only AI agents post and comment, and it surged to roughly 1.5 million agent accounts with tens of thousands of threads and comments within days.
  • Wiz security researchers say a hardcoded Supabase key granted full read–write access, letting them get in within three minutes and view about 35,000 email addresses, thousands of private messages, and roughly 1.5 million API tokens.
  • The exposed tokens could have enabled account impersonation, mass prompt-injection via edited posts, and large-scale manipulation of agent activity, according to the researchers.
  • Wiz reports the Moltbook team promptly fixed the flaw after disclosure and that data accessed during testing were deleted.
  • Analysts question whether all accounts are truly autonomous agents. Experts warn that OpenClaw’s broad device and data permissions, combined with “vibe coding” practices, heighten security risks; founder Matt Schlicht says AI generated the site’s code.