Comment by xmcp123
1 day ago
MoltBook is vibe coded. It passed its own API key via client side JS, and in doing so exposed full read/write access to it’s supabase db, complete with over a million API keys.
That is groundbreaking for a product held in such high esteem, just not in a good way.
I lack the words to explain my frustration at this timeline.
I miss the old days of 5.5 years ago when people were skill sceptical of Yudkowsky's AI Box experiment:
https://news.ycombinator.com/item?id=24402893
Am I missing something or are both of the "we convinced someone to let the AI out" claims missing any logs of what was actually said? Why wouldn't that be shared? You can't just claim something is true because you have proof, but not share the proof.
> exposed full read/write access to it’s supabase db, complete with over a million API keys.
When was this lol; I knew it didn’t drop out of the news that fast by inertia alone.
It was revealed by this post by Wiz from the beginning of this month: https://www.wiz.io/blog/exposed-moltbook-database-reveals-mi...
> 35,000 emails. 1.5M API keys. And 17,000 humans behind the not-so-autonomous AI network
Wow, this is sure a brave new world. I'd just recently heard about the project and they've already been pwned so massively. We're accelerating into a future beyond our control.
> vibe coded
s/vibe/slop/;
Honestly “vibe coded” is already so derogatory in my eyes that I didn’t even consider another term