Comment by linkage
15 hours ago
It's certainly easier than setting up and maintaining a VPS and probably less expensive for most users, but your data is not private. Cloudflare can always read everything that goes through Moltworker and its attached storage.
Hosting Moltbot on your own hardware reigns supreme.
Ive recently been working on this which could facilitate some isolation on your own VPS:
https://GitHub.com/jgbrwn/vibebin
I think if you care about privacy and security, you wouldn't run moltbot in the first place (or wouldn't give it access to anything you wanted to keep private).
That overstates it a bit. Yeah, it's mostly vibe-coded and the main dev has publicly said he has yet to review the reported vulnerabilities. I am aware that it can be easily pwned with prompt injection from its data sources.
I'm running it on my old Mac mini right now and I have not given it access to untrusted inputs like my email inbox. It only has access to my filesystem (synced to my laptop with Syncthing), local applications like Apple Reminders, and OpenRouter. I already find it useful for augmenting web searches with stuff that's in my Obsidian vault.
If you’re letting it access websites then presumably it’s open to prompt injection from those sites you’re accessing? I guess the attack surface is reduced if it doesn’t have access to anything useful beyond that.