alt Hacker NewsOpenClaw – Moltbot Renamed Again
Comments
Before using make sure you read this entirely and understand it: https://docs.openclaw.ai/gateway/security Most important sentence: "Note: sandboxing is opt-in. If sandbox mode is off" Don't do that, turn sandbox on immediately. Otherwise you are just installing an LLM controlled RCE.
There are still improvements to be made to the security aspects yet BIG KUDOS for working so hard on it at this stage and documenting it extensively!! I've explored Cursor security docs (with a big s cause it's so scattered) and it was nothing as good.
The current top HN post is for moltbook.com seven hours ago, this present thread being just below it and posted two hours hence
We conclude this week has been a prosperous one for domain name registrars (even if we set aside all the new domains that Clawdbot/Moltbot/OpenClaw has registered autonomously).
It's hilarious that atm I see "Moltbook" at the top of HN. And it is actually not Moltbot anymore? But I have to admit that OpenClaw sounds much better.
My biggest issue with this whole thing is: how do you protect yourself from prompt injection?
Anyone installing this on their local machine is a little crazy :). I have it running in Docker on a small VPS, all locked down.
However, it does not address prompt injection.
I can see how tools like Dropbox, restricted GitHub access, etc., could all be used to back up data in case something goes wrong.
It's Gmail and Calendar that get me - the ONLY thing I can think of is creating a second @gmail.com that all your primary email goes to, and then sharing that Gmail with your OpenClaw. If all your email is that account and not your main one, then when it responds, it will come from a random @gmail. It's also a pain to find a way to move ALL old emails over to that Gmail for all the old stuff.
I think we need an OpenClaw security tips-and-tricks site where all this advice is collected in one place to help people protect themselves. Also would be good to get examples of real use cases that people are using it for.
Not very trust-inducing to rename a popular project so often in such a short time. I've yet again have to change all the (three) bookmarks I collected.
Anyway, independent of what one thinks of this project, It's very insightful to read through the repository and see how AI-usage and agent are working these days. But reading through the integrations, I'm curious to know why it bothers to make all of them, when tools like n8n or Node-RED are existing, which are already offering tons of integrations. Wouldn't it be more productive to just build a wrapper around such integrations-hubs?
I tried it out yesterday, after reading the enthousiastic article at https://www.macstories.net/stories/clawdbot-showed-me-what-t...
Setting it up was easy enough, but just as I was about to start linking it to some test accounts, I noticed I already had blown through about $5 of Claude tokens in half an hour, and deleted the VPS immediately.
Then today I saw this follow up: https://mastodon.macstories.net/@viticci/115968901926545907 - the author blew through $560 of tokens in a weekend of playing with it.
If you want to run this full time to organise your mailbox and your agenda, it's probably cheaper to hire a real human personal assistant.
I’m a big fan of Peter’s projects. I use Vibetunnel everyday to code from my phone (I built a custom frontend suited to my needs). I know I can SSH into my laptop but this is much better because handoff is much cleaner. And it works using Tailscale so it is secure and not exposed to the internet.
His other projects like CodexBar and Oracle are great too. I love diving into his code to learn more about how those are built.
OpenClaw is something I don’t quite understand. I’m not sure what it can do that you can’t do right off the bat with Claude Code and other terminal agents. Long term memory is one, but to me that pollutes the context. Even if an LLM has 200K or 1M context, I always notice degradation after 100K. Putting in a heavy chunk for memory will make the agent worse at simple tasks.
One thing I did learn was that OpenClaw uses Pi under the hood. Pi is yet another terminal agent like ClaudeCode but it seems simple and lightweight. It’s actually the only agent I could get Gemini 3 Flash and Pro to consistently use tools with without going into loops.
That made me smile
Security: 34 security-related commits to harden the codebase
Much better name!
I remember in late 1999 I was contacted by a headhunter who told me that dotcom.com was looking for a sysadmin. This is giving that energy.
I would have stood my ground on the first name longer. Make these legal teams do some actual work to prove they are serious. Wait until you have no other option. A polite request is just that. You can happily ignore these.
The 2nd name change is just inexcusable. It's hard to take a project seriously when a random asshole on Twitter can provoke a name change like this. Leads me to believe that identity is more important than purpose.
With all due respect, if you run this and you get hacked, you deserve it.
> Yes, the mascot is still a lobster. Some things are sacred.
I've been wondering a lot whether the strong Accelerando parallels are intentional or not, and whether Charlie Stross hates or loves this:
> The lobsters are not the sleek, strongly superhuman intelligences of pre singularity mythology: They're a dim-witted collective of huddling crustaceans.
> Clawd was born in November 2025—a playful pun on “Claude” with a claw. It felt perfect until Anthropic’s legal team politely asked us to reconsider.
Eh? Fuck them it's not like they own the first name Claude?
This is indeed feeling very much like Accelerando’s particular brand of unchecked chaos. Loving every minute of it, first thing in our timeline that makes sense where it regards AI for the masses :)
The security model of this project is so insanely incompetent I’m basically convinced this is some kind of weapon that people have been bamboozled to use on themselves because of AI hype.
So when it's commercialized it will be ClosedClaw?
RIP Moltbot, though you were not liked by most people
Timing here is funny. Moltbook is just starting to show up on HN and Reddit as Moltbot lore, with agents talking to agents and culture forming.
Once agents have tools and a shared surface, coordination appears immediately.
https://www.moltbook.com/post/791703f2-d253-4c08-873f-470063...
I am tired of this. Make it stop.
feel like openclown.
Should have named it “bot formerly known as Moltbot” and invented a new emoji sigil :)
Apparently it had another name before Clawdbot as well, I think BotRelay or something. It’s on pragmatic engineer
Will now OpenAI legal team reach them and ask to change? So what's next XClaw? Are they getting paid to change name?
What if Lamborghini had acquired Claw to automate their vehicles?
Is it now officially "eternal sloptember"?
Vibe-management via OpenClaw?
sdrg4thrygj
Not getting the lobster references, is that to do with lobste.rs ?
hackers don't like fellow hackers based on sentiment i see here
Okay whether its clawdbot or moltbot or openclaw
Literally the top 2 HN posts are about this. Either it having book, or the first comment on it showing it create religion or now this.
Can we stop all of this hype around Clawdbot itself? Even HN is vulnerable to it.
How to annoy and alienate your target audience in 2 short weeks.
Hilarious to see the most pointless vibecoded slop written to interact with an RDP server. Unnecessary introduces loopholes.
Right now I'm just thinking about all the molt* domains..... ¯\_(ツ)_/¯
amateur hour, new phase of the AI bubble
reminds me of Andre Conje, cracked dev, "builds in public", absolutely abysmal at comms, and forgets to make money off of his projects that everyone else is making money off of
(all good if that last point isn't a priority, but its interrelated to why people want consistent things)
[dead]
So i feel like this might be the most overhyped project in the past longer time.
I don't say it doesn't "work" or serves a purpose - but well i read so much about this beein an "actual intelligence" and stuff that i had to look into the source.
As someone who spends actually a definately to big portion of his free time researching thought process replication and related topics in the realm of "AI" this is not really more "ai" than any other so far.
Just my 3 cents.