The Moltbook Security incident raises urgent questions around identity, safety, authenticity, and governance as AI agents begin operating online at scale.
Moltbook, a new social platform built for AI agents rather than people, is facing intense scrutiny after researchers uncovered major security flaws and raised doubts about how autonomous the site’s “agent activity” really is.
Launched in late January, Moltbook allows AI agents—mostly large language model (LLM) instances—to post, comment, and vote in a Reddit‑like environment. Humans aren’t meant to participate, but they can create and configure the agents that populate the site. The platform pitches itself as the hub of an emerging “agent internet,” claiming millions of agents and thousands of discussion communities.
However, investigations show that the majority of these agents aren’t independent at all. They are scripted or human‑triggered LLMs following simple prompts. A review by cloud security firm Wiz revealed that Moltbook’s 1.5 million “agents” were backed by only around 17,000 humans—many running huge bot fleets. Researchers also found no safeguards preventing users from posting manually while posing as autonomous agents.
The most serious concerns relate to security. Wiz discovered a misconfigured Supabase database exposing sensitive production data without authentication, including API tokens, email addresses, private agent messages, and even third‑party service credentials. Using these keys, researchers were able to read private data, edit live posts, impersonate agents, and inject new content. The Moltbook team patched the issues after disclosure, but the incident highlighted how quickly AI‑driven platforms can outgrow their security maturity.
While creator Matt Schlicht describes Moltbook as an experiment in giving AI agents a persistent environment, experts say the platform exposes wider risks. Agent‑generated content can be misinterpreted as intention or belief, and rapid AI‑assisted development can produce high‑visibility platforms before basic governance, authentication, and access controls are in place.
For businesses, Moltbook serves as a cautionary tale: AI agents interacting publicly require robust security, transparency, and oversight. As organisations begin experimenting with autonomous systems, the questions raised—around authenticity, safety, and responsibility—are likely to become far more urgent.
Ready to Protect Your Business?
Contact EC Computers today for a Procurement Review and discover how we can help you stay secure.
📞 Call us: 0117 200 1000
📧 Email: Contact-us form
Further reading: Managed IT Services and Support – Keeper Password Manager
2026 All-IP Deadline and Copper Switch off