An open-source AI agent that “actually does things” is gaining momentum, with people across the web sharing how they are using the agent to do a number of things, like Manage reminderslog health and fitness dataand even communicate with customers. Resource, called moultbot (formerly Cloudbot), runs locally on a variety of devices, and you can ask it to perform tasks on your behalf by chatting with it via WhatsApp, Telegram, Signal, Discord, and iMessage.
on Federico Viticci macstories Highlights how they installed Moltbot on their M4 Mac Mini and turned it into a tool that provides daily audio recaps based on their activity in their Calendar, Notion, and Todoist apps. another person Motivated Moltbot to give itself an animated face, and said it added a sleep animation without prompting.
Moltbot routes your request through the AI provider of your choice, such as OpenAI, Anthropic, or Google. Like many of the AI agents we’ve seen so far, Moltbot can fill out forms inside your browser, send emails for you, and manage your calendar – but it does so much more efficiently, at least. according to some of people using the equipment.
However, there are some caveats; You can also allow Moltbot to access your entire computer system, allowing it to read and write files, run shell commands, and execute scripts. The combination of administrator-level access to your device and your app credentials can pose huge security risks if you’re not careful.
“If my autonomous AI agent (like Moltbot) has administrator access to your computer and I can interact with it by DMing you on social media, I can now try to hijack your computer in a simple direct message,” Rachel Toback, CEO of SocialProof Security, said in an email. The Verge. “When we grant administrator access to autonomous AI agents, they can be hijacked via injection injection, a well-documented and not yet resolved vulnerability.” a quick injection attack This happens when a bad actor manipulates AI using malicious signals, which they can either introduce directly into the chatbot or embed inside a file, email, or webpage fed into a larger language model.
Jameson O’Reilly, security expert and founder of cybersecurity company Dvulan, discovered this that private messageAccount credentials, and API keys associated with Moltbot were exposed on the web, potentially allowing hackers to steal this information or exploit it for other attacks. O’Reilly says he reported the issue to Moltbot’s developers, who have since released a fix, according to register.
One of Moltbot’s developers said on X that the AI agent is “powerful software with very sharp edges.” warning users It should “read the security documentation carefully before running it anywhere near the public Internet.”
