Moltbot can run your apps like an AI employee — security and cost risks remain
Moltbot, formerly Clawdbot, is a rapidly spreading personal AI that says it can clear your inbox, send emails, manage calendars and check you in for flights from messaging apps like WhatsApp or Telegram, according to its website and developer posts about the name change. The bot is designed to act as a middleman between your apps and AI model subscriptions: it can run locally on a device you choose (or on a cloud server), store persistent "memory" as Markdown files, and be managed via a Gateway device and a Control UI.
Setup requires a command-line install and copying tokens from the apps and AI services you want the bot to access, after which you interact with it through your usual chat apps. Proponents describe more ambitious uses than turning on YouTube: SaaS-maker Alex Finn and others have framed Moltbot as an "AI employee" that can track trends, research and build products, create content, and even proactively write code or generate overnight reports when left running.
But security researchers have warned of risks. Jamieson O'Reilly used web traffic scanners such as Shodan and Censys to find hundreds of publicly visible Moltbot Control UIs, some of which ranged from misconfigured to exposed, while cybersecurity YouTuber Low Level pushed back that many visible instances were not actually hackable.
moltbot, clawdbot name change, clawd.bot domain, molt.bot domain, anthropic trademark issue, cloudflare cdn impact, moltbot control ui, publicly visible moltbot, misconfigured control uis, moltbot security risks, moltbot privacy concerns, moltbot token costs, ai employee use case, alex finn moltbot, greg isenberg discussion, jamieson o'reilly findings, low level pushback, shodan censys scans, command-line install, moltbot gateway device, persistent markdown memory, git version control, ai model subscriptions, local deployment options, cloud server deployment, whatsapp telegram integration, youtube remote control, mac studio local models, discord messaging interface, obsidian compatibility