An open-source AI agent called Moltbot is exploding across tech circles, with users showing off how it manages reminders, logs fitness data, and even handles client communications through WhatsApp, Telegram, and iMessage. But the viral momentum comes with a serious catch - security researchers just exposed critical vulnerabilities that left private messages, credentials, and API keys wide open to hackers. The tool runs locally on your devices and plugs into OpenAI, Anthropic, or Google's models, but giving it admin access to your computer creates attack vectors that experts say aren't solved yet.
Moltbot just became the AI agent everyone's talking about - and worrying about. The open-source tool is spreading like wildfire across X, Discord, and tech forums as users discover they can finally get an AI assistant that "actually does things" without cloud dependencies or subscription fees. But security experts are already sounding alarms about vulnerabilities that could turn this productivity dream into a nightmare.
The tool works by running locally on Macs, PCs, or servers and routing requests through whatever AI provider you choose - OpenAI, Anthropic, or Google. You chat with it through WhatsApp, Telegram, Signal, Discord, or iMessage, and it performs tasks across your apps and browser. Federico Viticci at MacStories installed it on his M4 Mac Mini and configured daily audio briefings synthesized from his calendar, Notion workspace, and Todoist tasks. Other users on X are using it to manage reminders, track health metrics, and even communicate with clients autonomously.
What makes Moltbot different from Siri or Alexa is its depth of system access. It can read and write files, execute shell commands, run scripts, and control your browser with the precision of a human operator. asked it to give itself an animated face and reported it spontaneously added sleep animations without being prompted. it outperforms every mainstream AI agent they've tested for complex multi-step workflows.