@axbom@axbom.me2026-01-28 14:26:57
Clawdbot/Moltbot and the many security issues it introduces:
"This is not speculative. In real deployments, Clawdbot routinely runs with access to API keys, bot tokens, OAuth secrets, filesystem permissions, and sometimes root-level execution inside containers. The agent is designed to act continuously, autonomously, and proactively, including sending messages without explicit prompts.
This architecture is powerful, but it collapses several trust boundaries into a single …
"This is not speculative. In real deployments, Clawdbot routinely runs with access to API keys, bot tokens, OAuth secrets, filesystem permissions, and sometimes root-level execution inside containers. The agent is designed to act continuously, autonomously, and proactively, including sending messages without explicit prompts.
This architecture is powerful, but it collapses several trust boundaries into a single …