Comment by esskay
10 hours ago
Fwiw the new 'maltbot' (molt.bot) is the legit one and can be verified on the official github repo which has had its org changed and loads here: https://github.com/moltbot/moltbot (the original redirects for some added reassurance).
My understanding it was a very quick rebrand due to Anthropic sending a takedown notice so theres still references to the old name.
molt.bot is connected to the same spam network - growing number of backlinks and reddit shilling just in the past 24 hours.
I saw at least 2-3 security reports as well pointing to various critical vulnerability.
Looked at the source as well - it makes zero sense. A lot of random commits. I suspect it would be trivial to introduce a backdoor the way this project is managed.
Too many red flags.
I would personally not touch this project.
I would likely not touch the product because of the implications of providing an LLM full system access. With the pump-and-dump coin chumps, it's possible they use the carapace of software as a hype-vehicle with no relation to the dev.
Would you be willing to share these links? ROT13 or base64 encode the URLs.