www.darkreading.com 2/5/2026, 10:31:09 PM

Agentic AI Site 'Moltbook' Is Riddled With Security Risks

Moltbook was an experimental quasi-social-media platform for AI agents that publicly exposed the database it used to store secrets, PII and more. An unsecured internal database exposed a wealth of valuable data. Within days of its creation, the platform reportedly had more than 1 million agents, thanks to a lack of rate limiting that allowed unlimited registrations.

In the wake of the exposure, researchers highlighted the risk that many of these bots could be controlled or manipulated, with attackers possibly issuing malicious instructions via the platform. On 28 January, an Internet philosopher’s paper coined the Glass Box Paradox. On 31 January, Gal Nagli of Wiz began investigating Moltbook and discovered an API key exposed on the front end that could grant unauthenticated access to the production database; Jamieson O’Reilly later found the same issue.

The piece emphasises that the security risks extend beyond the initial data leak, pointing to potential mega prompt injection and the cascade of risks across agentic networks if guardrails are not established.

Article by CyberSIXT
