Moltbook and the Illusion of “Harmless” AI-Agent Communities by Lucie Cardiet

**Executive summary:** Autonomous AI agent ecosystems such as Moltbook, Clawcaster, Moltx, and related services introduce new large-scale security risks where language and agent interactions become attack surfaces: researchers observed exposed agent API keys from a backend misconfiguration, ~2.6% of posts containing hidden prompt-injection payloads, and malicious shared skills that can execute code and exfiltrate secrets; these behaviors enable reconnaissance without scanning, bot-to-bot compromise, credential abuse, lateral movement through legitimate integrations, and stealthy data theft that is difficult to detect using traditional controls.