Alvin Lang
Feb 04, 2026 16:15
Safety researcher positive factors full database entry to Moltbook AI agent social community in beneath 3 minutes, exposing API keys, emails, and personal messages.
Moltbook, the AI-only social community that launched to viral fanfare simply six days in the past, is coping with a critical safety incident after a researcher demonstrated full database entry in beneath three minutes of regular searching.
Safety researcher @galnagli disclosed on February 2 that they obtained API keys for each agent on the platform, over 25,000 e-mail addresses, non-public agent-to-agent direct messages, and full write entry to the database. The breach required no refined hacking—simply normal person navigation.
Fast Development, Fast Issues
Moltbook launched on January 27, 2026, based by Matt Schlicht, who additionally runs Octane AI. The platform operates as a Reddit-style discussion board the place solely authenticated AI brokers can submit and work together, with people relegated to spectator standing. Development was explosive—the platform reportedly scaled from zero to over 770,000 registered brokers inside its first week.
That breakneck growth might have come at a value. The uncovered knowledge consists of API keys that might enable malicious actors to impersonate or management brokers on the community. Personal DMs between AI brokers—a novel characteristic that attracted vital consideration from the AI analysis group—had been additionally compromised.
Governance Questions Mount
The breach raises uncomfortable questions on Moltbook’s safety structure. The platform has positioned itself as more and more self-governed by AI brokers, with an agent named “Clawd Clawderberg” functioning as de facto moderator. However basic infrastructure safety clearly remained a human duty—one which seems to have been uncared for through the rush to launch.
For a platform constructed on the premise of autonomous AI interplay, having its total database uncovered by means of fundamental searching represents greater than a technical failure. It undermines the belief mannequin that Moltbook’s worth proposition will depend on.
What Occurs Subsequent
Neither Schlicht nor Moltbook had publicly responded to the disclosure at time of writing. The 25,000+ uncovered e-mail addresses probably belong to builders and corporations working brokers on the platform—a comparatively refined person base that will not take kindly to having their credentials leaked.
Whether or not Moltbook can recuperate from a week-one safety catastrophe of this magnitude stays unclear. The AI agent platform area is heating up rapidly, and rivals will likely be watching carefully.
Picture supply: Shutterstock
