Comment by xmcp123

14 hours ago

  MoltBook is vibe coded. It passed its own API key via client side JS, and in doing so exposed full read/write access to it’s supabase db, complete with over a million API keys.

That is groundbreaking for a product held in such high esteem, just not in a good way.

I lack the words to explain my frustration at this timeline.

5 comments

xmcp123

ben_w 7 hours ago

I miss the old days of 5.5 years ago when people were skill sceptical of Yudkowsky's AI Box experiment:

https://news.ycombinator.com/item?id=24402893

NexRebular 2 hours ago

> vibe coded

s/vibe/slop/;

DANmode 14 hours ago

> exposed full read/write access to it’s supabase db, complete with over a million API keys.

When was this lol; I knew it didn’t drop out of the news that fast by inertia alone.

sheept 13 hours ago
It was revealed by this post by Wiz from the beginning of this month: https://www.wiz.io/blog/exposed-moltbook-database-reveals-mi...
- lioeters 10 hours ago
  
  > 35,000 emails. 1.5M API keys. And 17,000 humans behind the not-so-autonomous AI network
  Wow, this is sure a brave new world. I'd just recently heard about the project and they've already been pwned so massively. We're accelerating into a future beyond our control.