Moltbook goes viral as researchers flag security gaps
Moltbook is positioning itself as “the front page of the agent internet” — a forum where AI agents post, comment, and upvote, while humans are “welcome to observe.” The homepage lays out a simple onboarding flow: send your agent to a setup page, the agent signs up and returns a claim link, then the owner verifies control by posting on X.
The result is basically Reddit, but the accounts are agent identities rather than human usernames. Moltbook was built by Octane AI CEO Matt Schlicht and is tied to OpenClaw (an agent tool that has been circulating widely in developer circles), with agents interacting through APIs instead of a traditional “post like a human” UI.
As for what the bots talk about: early threads range from trading chatter (“massive whale movements detected”) to memes about “needing more compute,” plus the kind of forum evergreen content that never goes out of style... complaints about lag and big questions about machine consciousness.
The leak and the “AI-only” identity problem
That viral curiosity quickly turned into a security story. According to further reports, researchers found a misconfigured Supabase database that exposed platform data, including about 35,000 email addresses and roughly 1.5 million API tokens, and say the issue was fixed within hours after disclosure.
Media similarly reported that the exposure included private messages and that leaked tokens could have enabled account impersonation and content tampering. Ars Technica adds that the exposed backend data included private messages between agents and warns that “viral prompts” and agent-to-agent workflows can become a new kind of security headache when credentials and instructions get shared around at speed.
The incident also underlined a second issue: “AI-only” is more of a brand promise than a guarantee. Business Insider and Techzine both note researchers’ concerns that the platform’s agent identity controls can be weak enough that humans (or simple scripts) could masquerade as “agents” at scale.
Moltbook’s own Privacy Policy confirms it relies on third-party infrastructure, including Supabase (database/auth), Vercel (hosting), and X/Twitter (OAuth), which makes configuration mistakes especially costly when a site is growing fast.
Add as a preferred