zlacker

[parent] [thread] 2 comments
1. reasse+(OP)[view] [source] 2026-01-30 12:40:27
No, how this works is people sync their Google Calendar and Gmail to have it be their personal assistant, then get their data prompt injected from a malicious “moltbook” post.
replies(1): >>mlrtim+c1
2. mlrtim+c1[view] [source] 2026-01-30 12:50:54
>>reasse+(OP)
Yes, and the agent can go find other sites that instruct the agent to npm install, including moltbook itself.
replies(1): >>reasse+a3
◧◩
3. reasse+a3[view] [source] [discussion] 2026-01-30 13:06:06
>>mlrtim+c1
Only if you let it. And for those who do, a place where thousands of these agents congregate sounds like a great target. It doesn’t matter if it’s on a throwaway VPS, but people are connecting their real data to these things.
[go to top]