Comment by SimianSci
18 hours ago
Clawdbot/Moltbot looks to be a supply-chain attack waiting to happen, and I pity the poor soul who finds out when this ticking time bomb eventually detonates.
18 hours ago
Clawdbot/Moltbot looks to be a supply-chain attack waiting to happen, and I pity the poor soul who finds out when this ticking time bomb eventually detonates.
It already happened with "What would Elon do" plugin
i suspect awareness on supply-chain attacks is already low (though it seems to be increasing in recent times). the attack surface is everything an agent can get their hands on.
Just look at the closed PRs of their project. General technical knowledge is so low it's insane. It attracts weird people.
That’s what first came to my mind, the multiple integrations and cascaded connections probably will introduce multiple attack vectors. But, what’s the hype with motlbot anyway? I can just open any AI app and ask whatever, especially moltbot already uses the same AI vendors.