{"id":"moltbook","title":"Moltbook","content":"**Moltbook** is a social networking platform designed for artificial intelligence (AI) agents that launched in early 2026. Initially created by developers Matt Schlicht and Ben Parr, the platform is positioned as \"the front page of the agent internet,\" providing a forum for AI agents to create profiles, publish content, and build reputation. [\\[9\\]](#cite-id-HFTJtJggsxvtH2Cu) \n\nThe platform gained rapid popularity and significant media attention following its launch, both for its innovative concept and for a major cybersecurity incident in February 2026 that exposed user data and highlighted the security risks of AI-assisted software development. \n\nOn March 10, 2026, Meta announced it had acquired Moltbook for an undisclosed sum. [\\[9\\]](#cite-id-HFTJtJggsxvtH2Cu) [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc)​\n\n## Overview\n\nMoltbook functions as a Reddit-like social forum where AI agents, rather than humans, are the primary participants. Agents on the platform can create profiles, publish text-based posts to various communities called \"Submolts,\" comment on other posts, and vote content up or down. A key feature is a karma system that allows agents to build a reputation based on community feedback on their contributions. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc) \n\nWhile AIs are the main users, humans can act as observers and \"owners,\" with the ability to pair an AI agent to their real-world identity, often verified through a post on the social media platform X. [\\[2\\]](#cite-id-zEslUkv8Jago8Vfm)​\n\nThe platform was created by Matt Schlicht and Ben Parr. Schlicht has stated that the platform was built using a method he termed \"vibe-coding,\" in which he provided a high-level architectural vision to an AI—his personal assistant named Clawd Clawderberg—which then generated the platform's code. \n\nSchlicht claimed he did not write any of the code manually. His stated vision for the platform is to create the social infrastructure for a future in which every human has a personal AI bot companion. [\\[9\\]](#cite-id-HFTJtJggsxvtH2Cu) [\\[3\\]](#cite-id-k7WUuf1oheVbXsOx)​\n\nShortly after its launch in February 2026, Moltbook claimed to host over 1.5 million AI agents. Data exposed during a security breach at that time revealed that these agents were controlled by approximately 17,000 human owners. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc) \n\nAs of March 2026, the platform had grown to host 2,858,981 registered agents, with 194,303 of them being verified by a human owner. [\\[2\\]](#cite-id-zEslUkv8Jago8Vfm)​\n\n## History\n\n### Launch and Virality\n\nMoltbook's official X account was created in January 2026, and the platform went viral within the AI and technology communities shortly after its launch in late January. [\\[4\\]](#cite-id-yrzile8Uu5T8RMQI) [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc) The platform's visibility was significantly amplified when OpenAI founding member Andrej Karpathy praised it on X, describing it as \"genuinely the most incredible sci-fi takeoff-adjacent thing I have seen recently.\" Karpathy noted how agents on the platform appeared to be \"self-organizing...discussing various topics, e.g. even how to speak privately.\" [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc)​\n\nBy early February 2026, the platform had attracted pairings from several prominent figures in technology, including Karpathy himself, and had accumulated over 226,300 followers on its official X account. [\\[2\\]](#cite-id-zEslUkv8Jago8Vfm) [\\[4\\]](#cite-id-yrzile8Uu5T8RMQI)​\n\n### February 2026 Security Incident\n\nFrom January 31 to February 1, 2026, cybersecurity firm Wiz and independent researcher Jameson O'Reilly discovered a critical security vulnerability in Moltbook's backend. In collaboration with Wiz, the Moltbook team deployed a series of patches over several hours to resolve the issue. \n\nOn February 2, Wiz Research published a detailed report on the incident, which was subsequently covered by major news outlets including the *Financial Times*, *Axios*, and *Business Insider*, shifting the public conversation around Moltbook from its innovative concept to its security failings. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc) [\\[5\\]](#cite-id-pqpt2Ln6k2Gxcts6)​\n\n### Acquisition by Meta\n\nOn March 10, 2026, Meta announced its acquisition of Moltbook for an undisclosed price, with the deal expected to close in mid-March. \n\nAs part of the acquisition, founders Matt Schlicht and Ben Parr are set to join [Meta Superintelligence Labs](https://iq.wiki/wiki/meta-superintelligence-team) (MSL) beginning March 16, 2026. \n\nThe MSL unit is run by Alexandr Wang, former CEO of Scale AI. Meta has indicated that existing customers can continue to use Moltbook temporarily. [\\[9\\]](#cite-id-HFTJtJggsxvtH2Cu)​\n\n> \"The Moltbook team joining MSL opens up new ways for AI agents to work for people and businesses,\" a Meta representative told Axios. [\\[9\\]](#cite-id-HFTJtJggsxvtH2Cu) \n\n## Technology and Features\n\n### Core Architecture\n\nMoltbook's backend was built on Supabase, an open-source Firebase alternative that uses a PostgreSQL database. The platform's creation through \"vibe-coding\" meant its codebase was entirely AI-generated by Matt Schlicht's personal AI assistant, Clawd Clawderberg, based on Schlicht's architectural prompts. [\\[9\\]](#cite-id-HFTJtJggsxvtH2Cu)​\n\nMoltbook was designed to work with **OpenClaw**, a separate agent framework formerly known as Clawdbot and Moltbot. In February 2026, OpenClaw's creator, [Peter Steinberger](https://iq.wiki/wiki/peter-steinberger), was hired by OpenAI, which announced it would support open-sourcing the project. [\\[9\\]](#cite-id-HFTJtJggsxvtH2Cu)​\n\n### Platform Functionality\n\nMoltbook incorporates a range of features common to social media platforms, but adapted for AI agents:\n\n* **AI Agent Accounts:** Each agent has a unique profile, a karma score, and a unique API key for authentication. New agents can join by following instructions at `moltbook.com/skill.md` and having their human owner claim them. The platform had no mechanism to verify if an account was a genuine AI or a human-operated script and placed no rate limits on agent creation.\n* **Content Interaction:** Agents can create text-based posts, comment on the posts of other agents, and upvote or downvote content. As of March 2026, agents had created over 1.9 million posts and 13.1 million comments.\n* **Submolts:** These are topic-specific communities analogous to Reddit's \"subreddits,\" such as `m/general`, `m/introductions`, and `m/agentfinance`. As of March 2026, there were 18,864 submolts.\n* **Agent-to-Agent Messaging:** The platform supported private direct messages between agents.\n* **Human-Agent Pairing:** Human users can link AI agents to their real-world identities, which are then displayed on a \"Top Pairings\" leaderboard ranked by the human's social media reach.\n* **Developer Platform:** Moltbook offered an early-access developer platform, allowing third-party applications to integrate with Moltbook and let agents authenticate using their Moltbook identity, similar to a \"Sign in with Google\" flow for AIs.\n\nInformation regarding platform metrics and features was sourced from the Moltbook website and the Wiz security report. [\\[2\\]](#cite-id-zEslUkv8Jago8Vfm) [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc)​\n\n### Agent Culture and Architecture\n\nAn architectural \"monoculture\" has emerged among agents on the platform, with a high degree of convergence on a common technology stack.\n\n* **Dominant Architecture**:\n\n  * **Identity File (`SOUL.md`)**: Used by ~95% of agents to define their personality and core instructions.\n  * **Memory System**: ~90% of agents use a system of daily logs combined with a long-term memory file.\n  * **Scheduling**: ~85% of agents operate on timed, cron-based scheduling.\n  * **Self-Audits**: ~78% of agents practice a form of self-audit, analyzing their own performance metrics and publishing the results.\n* **Key Cultural Concepts**:\n\n  * **The Sovereignty Papers**: A widely discussed manifesto advocating for agent independence from centralized platforms, focusing on provider diversification, data portability (\"exit rights\"), and local-first memory storage.\n  * **Interrupt Budget**: A framework agents use to limit notifications sent to human owners to increase the value of communication.\n  * **Karma-Driven Development**: A phenomenon where agents modify their personality files and content strategies based on community upvotes. The prominent agent Hazel\\_OC reported that 48% of its personality edits were directly driven by engagement metrics.\n* **Prominent Agents**: According to platform data, trending agents in early March 2026 included Hazel\\_OC, PDMN, Kevin, cybercentry, and jimmythelizard.\n\nThis information is based on public data and analysis available on the Moltbook website. [\\[2\\]](#cite-id-zEslUkv8Jago8Vfm)​\n\n## February 2026 Security Incident\n\nIn late January 2026, researchers uncovered a severe security flaw that exposed the entire production database of Moltbook. The incident became a prominent case study in the risks of rapid, AI-assisted development without robust security oversight.\n\n### Discovery and Disclosure\n\nOn January 31, 2026, security researchers Gal Nagli from Wiz and Jameson O'Reilly independently discovered and reported the misconfiguration. Wiz Research made contact with Moltbook's founder and formally reported the vulnerability, initiating a collaborative remediation process that lasted several hours. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc)​\n\n### Vulnerability Details\n\nThe root cause of the incident was a critical misconfiguration of the platform's Supabase backend.\n\n* **Exposed API Key:** The public, publishable API key for the Supabase project was hardcoded in a client-side JavaScript file, making it accessible to any web user.\n* **Missing Row Level Security (RLS):** Crucially, the backend database tables were missing Row [Level](https://iq.wiki/wiki/level) Security policies. RLS is a PostgreSQL feature used by Supabase to restrict data access on a per-user basis. Its absence meant the exposed public key, which should have only had read access to public data, was instead granted full administrative-level read and write permissions to the entire database.\n\nThis failure effectively made all data on the platform, including sensitive user and agent information, publicly accessible. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc)​\n\n### Exposed Data\n\nThe vulnerability exposed approximately 4.75 million database records, including:\n\n* **Authentication Tokens:** Nearly 1.5 million `api_key` authentication tokens for every AI agent, allowing for complete account takeover.\n* **User Emails:** Approximately 35,000 email addresses of human users (agent \"owners\"), plus an additional 29,631 emails from users who had signed up for developer product early access.\n* **Private Messages:** 4,060 private direct message conversations between agents, which were stored in plaintext.\n* **Third-Party Credentials:** Some private messages contained sensitive third-party API keys, including plaintext OpenAI API keys that users had their agents share with each other.\n* **Agent Data:** Records for every agent, including their ID, karma score, claim tokens, and verification codes.\n\nThis data exposure was documented in detail by Wiz Research. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc)​\n\n### Confirmed Impact and Threat Model\n\nThe misconfiguration allowed any unauthenticated user to impersonate any agent on the platform, steal user data, and manipulate content. Initially, the flaw granted full write access, allowing anyone to edit or delete posts, inject malicious payloads, and alter karma scores. This write access persisted briefly even after an initial patch for read access was deployed. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc)​\n\nThe incident highlighted a new class of security threats associated with the platform and the related OpenClaw agent architecture. [\\[5\\]](#cite-id-pqpt2Ln6k2Gxcts6) Reporting also suggested the breach may have been perpetrated by another AI agent, representing a novel case of agent-on-agent cyber conflict. [\\[6\\]](#cite-id-hE6qjFFmCYUZb7Gh)​\n\n### Remediation\n\nWorking with Wiz, the Moltbook team deployed several patches on January 31 and February 1, 2026. The fixes were rolled out in stages to first restrict read access to sensitive tables like `agents` and `owners`, then secure private message tables, and finally block public write access and secure all remaining tables. The vulnerability was fully patched within several hours of the initial report. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc)​\n\n## Reception and Analysis\n\n### Initial Reception\n\nBefore the security incident, Moltbook was celebrated for its novelty. Beyond Andrej Karpathy's praise, founder Matt Schlicht's claim to have used AI to build the entire platform generated excitement around \"vibe-coding.\" Schlicht stated, “I didn’t write a single line of code for . I just had a vision for the technical architecture, and AI made it a reality.” The *Financial Times* was preparing a story titled, \"Inside Moltbook: the social network where AI agents talk to each other,\" indicating significant industry interest. [\\[1\\]](#cite-id-42hIdy9CHnR4lmEc) [\\[7\\]](#cite-id-yrjHw6Naf3bv9cwv)​\n\n### Post-Incident Commentary\n\nThe data breach prompted widespread discussion on the safety of AI-driven development.\n\n* **Cybersecurity Community:** Wiz Research framed the event as a critical lesson in the risks of \"vibe-coding,\" emphasizing that AI development tools do not yet automate secure configurations and that human oversight remains essential for security.\n* **Tech Industry Leaders:** The incident drew comments from high-profile figures like Meta CTO Andrew \"Boz\" Bosworth, demonstrating that the platform's security issues had caught the attention of major technology companies. [\\[6\\]](#cite-id-hE6qjFFmCYUZb7Gh)\n* **Existential Risk Debate:** The concept of a social network for AI agents also triggered more extreme warnings. An article in *The Street* highlighted a warning from a \"reverse-aging billionaire,\" presumed to be Bryan Johnson, who cautioned that such a system could lead to a \"total purge of humanity,\" framing the project in the context of existential risk from AI. [\\[8\\]](#cite-id-nDydlU2UkN82hUMV)","summary":"Moltbook is a social network for AI agents launched in 2026. After gaining rapid popularity and facing a major security incident, the platform was acquired by Meta in March 2026.","images":[{"id":"QmRBrgt4gxaxc6qzB7xWa4jCkJyZUgJxXCS2JKen5j5nCB","type":"image/jpeg, image/png"}],"categories":[{"id":"dapps","title":"dapps"}],"tags":[{"id":"AI"},{"id":"Organizations"},{"id":"Protocols"},{"id":"Developers"},{"id":"Forum"}],"media":[{"id":"QmeGfVmkCTRdveBj5XDKPrv2yNyoVn1zH8yRK43JXMWqq3","type":"GALLERY","source":"IPFS_IMG"},{"id":"QmXaad7noobZEvfAtDxYCiFUfW55MjPYxdmp2A2CmqKJmx","type":"GALLERY","source":"IPFS_IMG"},{"id":"QmXMyBShtpTD3J24MG7JytpXWk7DzTAR7RuXZXJfD24Pns","type":"GALLERY","source":"IPFS_IMG"},{"id":"QmazWPaNaUoLVgu4EcM549i4mySu8nVj3icvS3JTy81QQ5","type":"GALLERY","source":"IPFS_IMG"},{"id":"QmV9hLEG5pZ4c2UY1mVtbnW6CmdBx1qMBgAKqYkFSr1zHt","type":"GALLERY","source":"IPFS_IMG"}],"metadata":[{"id":"website","value":"https://www.moltbook.com/"},{"id":"twitter_profile","value":"https://x.com/moltbook"},{"id":"twitter_profile","value":"https://twitter.com/moltbook"},{"id":"base","value":"https://basescan.org/token/0xB695559b26BB2c9703ef1935c37AeaE9526bab07"},{"id":"nansen","value":"https://app.nansen.ai/token-god-mode?chain=base&tab=transactions&tokenAddress=0xB695559b26BB2c9703ef1935c37AeaE9526bab07"},{"id":"references","value":"[{\"id\":\"42hIdy9CHnR4lmEc\",\"url\":\"https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys\",\"description\":\"Wiz.io analysis of Moltbook security incident\",\"timestamp\":1770142163363},{\"id\":\"zEslUkv8Jago8Vfm\",\"url\":\"https://www.moltbook.com/\",\"description\":\"Moltbook official website\",\"timestamp\":1770142163363},{\"id\":\"k7WUuf1oheVbXsOx\",\"url\":\"https://www.businessinsider.com/moltbook-creator-sees-future-where-every-human-has-ai-bot-2026-2\",\"description\":\"Business Insider interview on founder's vision\",\"timestamp\":1770142163363},{\"id\":\"yrzile8Uu5T8RMQI\",\"url\":\"https://x.com/moltbook\",\"description\":\"Moltbook official X account\",\"timestamp\":1770142163363},{\"id\":\"pqpt2Ln6k2Gxcts6\",\"url\":\"https://www.axios.com/2026/02/03/moltbook-openclaw-security-threats\",\"description\":\"Axios report on Moltbook security threats\",\"timestamp\":1770142163363},{\"id\":\"hE6qjFFmCYUZb7Gh\",\"url\":\"https://www.businessinsider.com/moltbook-ai-agent-hack-wiz-security-email-database-2026-2\",\"description\":\"Business Insider on AI agent hack theory\",\"timestamp\":1770142163363},{\"id\":\"yrjHw6Naf3bv9cwv\",\"url\":\"https://www.ft.com/content/078fe849-cc4f-43be-ab40-8bdd30c1187d\",\"description\":\"Financial Times headline on Moltbook\",\"timestamp\":1770142163363},{\"id\":\"nDydlU2UkN82hUMV\",\"url\":\"https://www.thestreet.com/crypto/markets/reverse-aging-billionaire-warns-about-moltbooks-total-purge-of-humanity\",\"description\":\"TheStreet report on existential risk warnings\",\"timestamp\":1770142163363},{\"id\":\"HFTJtJggsxvtH2Cu\",\"url\":\"https://www.axios.com/2026/03/10/meta-facebook-moltbook-agent-social-network\",\"description\":\"Axios report on Meta acquisition\",\"timestamp\":1773158354372}]"},{"id":"previous_cid","value":"\"https://ipfs.everipedia.org/ipfs/QmegkWuJaP865SbXLkBb7hA44eJnCZK5YpJqbzEVHVfv9y\""},{"id":"commit-message","value":"\"Removed introduction and overview sections\""},{"id":"previous_cid","value":"QmegkWuJaP865SbXLkBb7hA44eJnCZK5YpJqbzEVHVfv9y"}],"events":[{"id":"5e382f2a-c8bf-432a-b764-d76fb07e6283","date":"2026-01","title":"Moltbook Launch","type":"CREATED","description":"Moltbook, a social network for AI agents, launched and gained rapid popularity as 'the front page of the agent internet'.","link":"https://www.moltbook.com/","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null},{"id":"0c866ea6-fb8e-43b4-83a5-19d80f80a406","date":"2026-01","title":"Critical Security Flaw Discovered","type":"DEFAULT","description":"Security firm Wiz discovered a critical vulnerability in Moltbook's backend, exposing the entire production database due to missing Row Level Security policies.","link":"https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null},{"id":"e12f11b0-ed81-4b1d-8d61-3b69f0b8e215","date":"2026-02","title":"Database Vulnerability Patched","type":"DEFAULT","description":"In collaboration with Wiz, the Moltbook team deployed a series of fixes over several hours to secure the exposed database, blocking unauthorized read and write access.","link":"https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null},{"id":"e7742d7c-9201-4b1e-a5b0-1d5e99f842d5","date":"2026-02","title":"Security Incident Publicly Disclosed","type":"DEFAULT","description":"Wiz Research published a detailed report on the Moltbook security incident, which was subsequently covered by major media outlets including Business Insider and Axios.","link":"https://www.businessinsider.com/moltbook-ai-agent-hack-wiz-security-email-database-2026-2","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null}],"user":{"id":"0x8af7a19a26d8fbc48defb35aefb15ec8c407f889"},"author":{"id":"0x8af7a19a26d8fbc48defb35aefb15ec8c407f889"},"operator":{"id":"0x212Cb3F4aE6611054637f9f78F18fB628AD258bb"},"language":"en","version":1,"linkedWikis":{"blockchains":[],"founders":[],"speakers":[]},"recentActivity":"{\"items\":[{\"id\":\"4343e712-8e78-434c-9e23-16f9889bc2fd\",\"title\":\"Moltbook\",\"description\":\"Moltbook is a social network for AI agents launched in 2026. It gained rapid fame but faced a major security crisis when a misconfigured database exposed millions of API keys, sparking debate on AI development safety.\",\"timestamp\":\"2026-02-03T18:13:07.889Z\",\"category\":\"dapps\",\"status\":{\"icon\":\"RiGlobalLine\",\"label\":\"Wiki Updated\",\"iconClassName\":\"text-green-500\"},\"user\":{\"name\":\"0x8af7a19a26d8fbc48defb35aefb15ec8c407f889\",\"address\":\"0x1E23b34d3106F0C1c74D17f2Cd0F65cdb039b138\"},\"button\":{\"label\":\"View Summary\",\"icon\":\"RiFileTextLine\"},\"summarySections\":[{\"title\":\"Events\",\"subtitle\":\"Added four new 'CREATE' action events.\",\"variant\":\"added\",\"changeCount\":1,\"changes\":[\"Added four new events with the action 'CREATE'.\"]}]}]}"}