alt Hacker NewsRun Clawdbot/Moltbot on Cloudflare with Moltworker
Comments
Clawdbot/Moltbot looks to be a supply-chain attack waiting to happen, and I pity the poor soul who finds out when this ticking time bomb eventually detonates.
I wish they would give a real-world cost estimate of what this would look like. They have a section of it "in action" [1] and I wish they would be like, "with this setup, the invoice is going to look like this, include these products, and with similar daily usage be about $XXX.00 per month."
[1] https://blog.cloudflare.com/moltworker-self-hosted-ai-agent/...
On one hand, with the top comments of the rebrand post showing how many insecure deployments there are, something like this alongside cloudflare zero trust is probably a much more secure solution.
On the other hand, I just wanna point out
> Firstly, Cloudflare Workers has never been so compatible with Node.js. Where in the past we had to mock APIs to get some packages running, now those APIs are supported natively by the Workers Runtime.
Deployed a project a couple of days ago, and compared to past attempts where I had to wrangle (pun intended) with certain configs for deployment styles for node based applications, the normal build tooling just worked out of the box. Planning to move a couple of my free-from-me high DAU user projects that are on the vercel premium tier over to CF workers.
I have a bespoke local agent that I built over the last year, similar in facilities to Moltbot, but more deterministic code.
Running it this kind of agent in the cloud certainly has upsides, but also:
- All home/local integrations are gone.
- Data needs to be stored in the cloud.
No thanks.
It's certainly easier than setting up and maintaining a VPS and probably less expensive for most users, but your data is not private. Cloudflare can always read everything that goes through Moltworker and its attached storage.
Hosting Moltbot on your own hardware reigns supreme.
Main problem to solve is Prompt Injection protection from Websites, emails. If cloudflare could proxy all the URLs outgoing from an agent, scrub away or block Prompt injection sites/pages/emails/chats , that's a product i might find valuable.
I understand the downsides of Moltbot better than the upsides. What does it have that running a coding agent in a VM doesn't give you?
Oh man, so many big players are JUMPING on this bandwagon! I got an email for Digital Ocean's Moltbot app this morning. All of them are touting their increased security over rolling your own.
Can someone explain how this thing skyrocketed Cloudflare stock from $183 to $210 in a day? There were a bunch of articles yesterday about that but it’s so weird…
Agent phishing is going to boom. It is wildly reckless and insecure to you hook these things up to anything you actually care about until prompt injection is no longer a thing.
Repo: https://github.com/cloudflare/moltworker
How are the vibes on this one?
These breathy blogposts are getting way ahead of their service uptime. Advertising CF Workers while your CF Worker fleet is under impact is certainly a vibe
> Workers Rate limit Degradation
> Update - We are continuing to work on a fix for this issue.
Another "vibe" coding-as-a-service? https://news.ycombinator.com/item?id=46781516
There is so much branding and "look at our success" marketing that this project comes off as heavily astro-turfed. Im sure in a month or two we will hear about the new startup the developers are making around this tool.
Ultimately its a convenience wrapper that makes it easy to wire up Claude or Chatgpt to a chat platform like discord, but its claiming to be far more revolutionary for reasons I dont yet know.