Comment by esskay
7 hours ago
Fwiw the new 'maltbot' (molt.bot) is the legit one and can be verified on the official github repo which has had its org changed and loads here: https://github.com/moltbot/moltbot (the original redirects for some added reassurance).
My understanding it was a very quick rebrand due to Anthropic sending a takedown notice so theres still references to the old name.
molt.bot is connected to the same spam network - growing number of backlinks and reddit shilling just in the past 24 hours.
I saw at least 2-3 security reports as well pointing to various critical vulnerability.
Looked at the source as well - it makes zero sense. A lot of random commits. I suspect it would be trivial to introduce a backdoor the way this project is managed.
Too many red flags.
I would personally not touch this project.
I would likely not touch the product because of the implications of providing an LLM full system access. With the pump-and-dump coin chumps, it's possible they use the carapace of software as a hype-vehicle with no relation to the dev.
Would you be willing to share these links? ROT13 or base64 encode the URLs.