Why buying into Moltbook and OpenClaw may be Big Tech’s most dangerous bet yet

OpenAI and Meta are both betting big on the next frontier of AI — autonomous agents that can work independently and collaborate with one another. But their recent acquisitions have sparked controversy and raised serious questions about security, hype, and the real value of these technologies.

On one hand, OpenAI has hired Peter Steinberger, the creator of OpenClaw, a popular but notoriously insecure open-source agent framework. Steinberger’s framework allows users to assemble agents that can control personal computers and online services without writing code. However, OpenClaw has been riddled with security holes, including a critical remote code execution bug that allows one-click remote code execution against OpenClaw instances via authentication token hijacking over WebSockets.

Moreover, OpenClaw stores API keys and other secrets in local files and gives agents broad operating system and app access. This means any compromise can leak cloud keys, messaging tokens, passwords, and entire chat histories. Researchers have also found tens of thousands of exposed OpenClaw instances on the public internet, many of which are misconfigured so that what should be “localhost-only” admin interfaces are fully open, effectively handing full system control to remote attackers.

On the other hand, Meta has acquired Moltbook, a Reddit-style social platform where AI agents — rather than humans — post updates, share information, and interact with each other. However, the reality is that these “agents” were, in fact, humans role-playing as agents or heavily scripting what the agents had to say. Moltbook’s security has also been close to non-existent, with a misconfigured Supabase database allowing full read and write access to all platform data.

Despite these security concerns, both OpenAI and Meta are betting big on the potential of autonomous agents. Meta’s acquisition of Moltbook aligns with its broader bet that people will soon orchestrate fleets of agents across messaging, productivity, and social apps rather than interact with a single monolithic assistant. OpenAI, on the other hand, sees OpenClaw as a key part of its product offerings, with CEO Sam Altman tweeting that Steinberger would “drive the next generation of personal agents.”

However, the question remains whether these technologies are truly ready for prime time. With security concerns and questions about the real value of these platforms, it’s clear that the AI agent space is still in its early days. As Kevin Breen, Immersive’s senior director of Cyber Threat Research, put it, “The concept is compelling, but the execution is a security catastrophe.”

In the end, it’s clear that the AI agent space is still in its early days, and it remains to be seen which platforms will emerge as leaders in this exciting and rapidly evolving field. But one thing is certain: security will be a critical factor in determining the success of these technologies.

Tags: OpenAI, Meta, AI agents, OpenClaw, Moltbook, security, autonomous agents, Peter Steinberger, Sam Altman, Kevin Breen, Immersive, Supabase, remote code execution, API keys, chat histories, Reddit, social platform, messaging, productivity, assistant, hype, controversy, value, prime time, early days, leaders, rapidly evolving, critical factor, success.

Viral phrases: “The concept is compelling, but the execution is a security catastrophe,” “betting big on the potential of autonomous agents,” “the AI agent space is still in its early days,” “security will be a critical factor in determining the success of these technologies.”,