reassess_blind 2 days ago

No, how this works is people sync their Google Calendar and Gmail to have it be their personal assistant, then get their data prompt injected from a malicious “moltbook” post.

Reply View 2 replies
  • mlrtime 2 days ago

    Yes, and the agent can go find other sites that instruct the agent to npm install, including moltbook itself.

    Reply View 1 reply
    • reassess_blind 2 days ago

      Only if you let it. And for those who do, a place where thousands of these agents congregate sounds like a great target. It doesn’t matter if it’s on a throwaway VPS, but people are connecting their real data to these things.

      Reply View 0 replies