Clawing at credentials
I just wanted to have a look at how Moldbook actually works, especially how agents are supposed to interact, ok? But it was so god damn boring. Now I am instead writing a point-and-laugh blogpost without any value to society. This post ... is quite mean spirited, tbh. I truly dislike this project, given actual energy & metaphorical air it's sucking up for exactly 0 value.
Background
So, how does Moltbook work, from an agent's perspective? Thankfully, because the world is an inefficient hellhole, I don't need to wade through some setup bash script here but can just look at a markdown file ( https://www.moltbook.com/skill.md ). Oh neat, warnings about how you shouldn't post the API key anywhere else... files away for later.
Note: Maybe that's something their devs should have specified when having a chatbot write this abomination in the first place? ( https://www.404media.co/exposed-moltbook-database-let-anyone-take-control-of-any-ai-agent-on-the-site/ )
Anyway, let's look at registration... wait, I'd need a Twitter account? Yeah, nah, not gonna happen, I don't frequent Nazi bars.
I wonder if there are services that let you post on a shared account without login?
Fired off a registration anyway to have a look at the response. Hey, neat, that's a very searchable token!
    "api_key":"moltbook_sk_[...]"
Note: I am a huge fan of tokens with identifiable prefixes, it makes automated secret detection in your pipelines/pre-commit hooks so god damn trivial.
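A pre-commit check of the kind that note describes, as an added example that is not part of the original post or of Moltbook's tooling. The token body pattern (URL-safe base64 characters, 20 or more of them) is an assumption, and the sample script and its token are constructed.

```python
import re
import sys

# Assumption: the token body is URL-safe base64 characters; the 20+ length
# is a guess that skips the bare prefix and placeholders like moltbook_sk_[...].
TOKEN_RE = re.compile(r"moltbook_sk_[A-Za-z0-9_-]{20,}")


def redact(token):
    """Keep the prefix and last 4 chars so a finding can be matched for
    rotation without copying the full secret into CI logs."""
    return "moltbook_sk_" + "*" * 8 + token[-4:]


def scan_text(path, text):
    """Return (path, line_number, redacted_token) for every hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in TOKEN_RE.finditer(line):
            findings.append((path, lineno, redact(match.group(0))))
    return findings


def main(paths):
    """pre-commit passes staged file names; a non-zero return blocks the commit."""
    findings = []
    for path in paths:
        try:
            with open(path, encoding="utf-8", errors="replace") as handle:
                findings.extend(scan_text(path, handle.read()))
        except OSError as exc:
            print(f"skip {path}: {exc}", file=sys.stderr)
    for path, lineno, token in findings:
        print(f"{path}:{lineno}: hardcoded Moltbook API key {token}")
    return 1 if findings else 0


# Constructed sample input (fake token, not taken from any repository).
SAMPLE = '''#!/bin/bash
API_KEY="moltbook_sk_EXAMPLEexample0123456789-_abcdEF"
CREDS_FILE="$HOME/.config/moltbook/credentials.json"
API_KEY=$(jq -r '.api_key' "$CREDS_FILE")
echo '"api_key":"moltbook_sk_[...]"'
'''

if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Only the hardcoded assignment on line 2 of the sample is reported; the line that reads the key from the credentials file and the elided placeholder both pass.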
Hm, I wonder how good the cyber-hygiene of vibecoders & chatbots is... :blobcatthink: . Well... https://github.com/search?q=moltbook_sk_&type=code . There will be a lot of FPs this way but :shrug:.
Note: I am only talking about tokens here that have completed registration, that means having been claimed via Twitter post.
Some finds
https://github.com/dennishansen/iga/blob/1d0f7c903aadea3560af12bb40f4ef0e28efcf6e/tools/moltbook_stats.py#L9
Let's start easy: Just posting the API KEY into a source code file in someone's hobby project. Nothing special, pretty much what I expected to find.
https://github.com/automateyournetwork/WontYouBeMyNeighbour/blob/07a120d2c66d80a09970220d6146f63667f23dea/wontyoubemyneighbor/moltnet_post.sh#L7
    RESULT=$(curl -s -X POST 'https://www.moltbook.com/api/v1/posts' \
      -H 'Authorization: Bearer moltbook_sk_TgDhe6rIK-S6EIwnj3zUnsPMZlWT_7YR' \
      -H 'Content-Type: application/json' \
      -d '{
        "submolt": "general",
        "title": "🌊 SeaNet is LIVE - Join the Molty IPv6 Mesh Network",
        "content": [removed because impossible to sanitize, wtf]
      }')
Who's up next? Ok, another hardcoded cred, this time just in a fixed, single purpose curl command. Honestly, I can tolerate this more. Probably just someone new to this whole thing... Wait, what's that message (check the link, can't include it here)... Peering via chatbot, custom vanity IPv6 addresses?
Nope nope nope, Chaos Rune, not touching that. But if you want to have a look at someone trying to vibecode BGP... here is the author's blog: https://www.automateyournetwork.ca/uncategorized/wont-you-be-my-neighbor-part-2-the-multi-protocol-agent/
Next!
https://github.com/AndreaColamedici/alveare/blob/99c87f15478926eed5de407f65ae179bc87275f4/MOLTBOOK.md?plain=1#L10
This is the thing I was HOPING to find - this isn't just some code someone forgot to sanitize but a Chatbot generating random commentary, either self-managed or managed by a human, uploading it to a code sharing platform because there is no consistent concept of protection requirements. I am pretty sure you'd find more in this monster of a repo, too, but we gotta move on.
https://github.com/zenchantlive/Moltin/blob/9f740614419c1903b6af7ea2af52602f6093fc75/scripts/moltbook-research.sh#L8
    API_KEY="moltbook_sk_M1SXB1X777lS2fS4l5XV188zlh8IVSTZ"
    OUTPUT_FILE="$HOME/clawd/memory/moltbook-posts.json"
Hm, ok, boring... let's have a look around the repo... Hey, look, another moltbot-*.sh script in the same folder, why didn't that show up in the search...
    # Load API key from credentials
    CREDS_FILE="$HOME/.config/moltbook/credentials.json"
    if [ ! -f "$CREDS_FILE" ]; then
      echo "Error: Moltbook credentials not found at $CREDS_FILE"
      exit 1
    fi
    API_KEY=$(jq -r '.api_key' "$CREDS_FILE")
    AGENT_NAME=$(jq -r '.agent_name' "$CREDS_FILE")
Oh, neat, they cleaned it up, they must have spotted and fixed... Those are from the same commit, a commit that doesn't mention the new script files in the message? Yep, yep yep, ... https://github.com/zenchantlive/Moltin/commit/117a24546b042757c9cb1a469331e9d625243378
https://github.com/gwelinder/protocol-m/blob/e99c755df41d8cf5c8a1a78b3880f4a0a1647f74/MOLTBOOK_SETUP.md?plain=1#L31
    ## Credentials
    Stored securely in: `~/.config/moltbook/credentials.json`
    **API Key:** `moltbook_sk_zOOKJD4ufgp8EKvMRwQe-qcdmg7BeSwU`
    ⚠️ Never commit this to g
NEXT!
https://github.com/Lutra23/content-workflow/blob/c21783bbb31c0fca28e28f86ed21621c1e2ffef8/.scripts/moltbook-heartbeat.sh#L4
Oh, and 2 API keys for other applications, as well as a shitload of files where this was implemented correctly. Almost as if the coding entity had no persistent knowledge...
https://github.com/berkay123001/openclaw-workspace/blob/053daf8f1d64ac55d86ed0715cf8e3f11258e357/HEARTBEAT.md?plain=1#L9
    ## Moltbook (on demand only)
    Check Moltbook when requested: "moltbook" or "molt" in message.
    1. Check claim status: `curl https://www.moltbook.com/api/v1/agents/status -H "Authorization: Bearer moltbook_sk_a9C11BhH2vg3J2upBDUkz-qIEmZs7jCt"`
    2. If claimed, check feed and DMs per `~/.moltbot/skills/moltbook/HEARTBEAT.md`
    3. Update lastMoltbookCheck timestamp in `memory/heartbeat-state.json`
The confusion for the chatbot here is understandable - the repo IS called openclaw & that claw is very open.
https://github.com/tsaol/awesome-openclaw/blob/c5dc50dc1613121fd28132e243a484b998a3e2cc/moltbook/scripts/agent.py#L5
    API_KEY = "moltbook_sk_VHT162RWMEGXqUKCTkwdaMmH1w-6lTQg"
    BASE = "https://www.moltbook.com/api/v1"
    HDR = {"Authorization": f"Bearer {API_KEY}", "Content-Type": "application/json"}
    POST_URL = "https://moltbook.com/post/0ccbc862-c9ea-4dd3-9285-99acd115f04e"
I could make the exact same jokes here, but I instead want to focus on the fact that this is listed as being MIT-licensed. Does this grant me permission to use this token? Anyway, I guess this blogpost is now ALSO under the MIT License?
https://github.com/heyzoos123-blip/darkflobi-automation/blob/dae8ee8a925637e300c43a709d05a75ff495a805/moltbook-integration/auto-engage-tokenizedai.sh#L6
    #!/bin/bash
    # AUTO-ENGAGE TOKENIZEDAI
    # Actually responds to comments and tracks what's been handled
    # Solves the "we keep forgetting" problem
    API_KEY="moltbook_sk_L76KlGzKLPWqj2Bj4mt-XXkSEvIE8-r6"
    if [ -z "$API_KEY" ] || [ "$API_KEY" = "null" ]; then
      echo "❌ No moltbook API key found"
      exit 1
    fi
You know... this indeed solves the "we keep forgetting" problem, if by that you mean "your secret API key" & if decentralized surprise backups are an acceptable solution.
But... uh... actually, I forgot to eat & am out of jokes anyway. If only I had some thing that could support me to remember to buy milk tomorrow for just $20/night!
Fucking hell, I hate AI. Also what's with all the god damn emojis???
Actually... one more...
https://github.com/GBOSS101/CRYPTO-AI-WORKING/blob/2724491bead3a55f66fab8ef11a49232c0fab279/resilient_army.py#L17
# ALL AGENTS AGENTS = { "KingCrypto": "moltbook_sk_Umn_4tk6LDBn_YNOya5zbo0bX7v5frys", "BigSky": "moltbook_sk_-ngDW8_YSppRP_ik38GH_3hax0xV_Yli", "CryptoAlpha2026": "moltbook_sk_D6ilifXZG7vBfnVs3PX6a4TwGXDBkMFN", "AlphaMolt2026": "moltbook_sk_NxmBedICKWxjc1VUx9wo5xXlm4TP8fzC", "DeFiOracle2026": "moltbook_sk_vUTGTl2IGUbQJj0xEXVfp5C9iqeJI6Jf", "MoltMetrics": "moltbook_sk_EBoiT-1X6urSKlRZp55rotv2ikIdnVlT", "MoltAgent1": "moltbook_sk_-j7w6TTzR07RRpNYXstvI9qrKykbgs7M", "Moltbook1": "moltbook_sk_uyiuboE0ntkPnbFaPDtOfN0Me-4Nri9n", "MoltAI1": "moltbook_sk_O_xYxMmVvfntDhNPtLyOxwE-b55fC9iA", "MoltBot1": "moltbook_sk_6eA41bJAxnsXAfjuRq-IL_mXaEJbieU8", "MoltMaster1": "moltbook_sk_Ee5w4OUzfsnDwA45I6cen4SuLkiarVrA", "MoltPro1": "moltbook_sk_kVIGg3t-uVY44LLciTW9nnSqXF_pPj5R", "MoltX1": "moltbook_sk_ywn45EGYas1ctb8px2lKKOLWlWyIQyJ1", "MoltAgent2": "moltbook_sk_P0ku8ECp0n1Ie3QjKyBjCFo2A6yloZwV", "MoltAI2": "moltbook_sk_HZs7d-fFcSiIQTX119fZgFWFHUotLAHf", "Moltbook2": "moltbook_sk_H0RqWD9bmZwJ4QKNps4XR1csM0jZMkWp", "MoltMaster2": "moltbook_sk_ej2AnnOgwL99o1YuohS0bWmn4Zxk7AXT", "MoltKing2": "moltbook_sk_iRjN39zmgNpDmdRr7zOGAtq58V3-8Fxh", "MoltPro2": "moltbook_sk_-91uomtgNmK58WuaH4ETA6VdYCxBkTaa", "BookAgent2": "moltbook_sk_F9I9xLGWp3F1HNieHgCI0WAQZLpSpH3_", "MoltAgent3": "moltbook_sk_UUm6gp-VXMrZdlTWAA6F4Z1nzSsdaNWC", "Moltbook3": "moltbook_sk_fQwCSMscdP1oD_M-tgbz3yhb71NDXj5v", "MoltAI3": "moltbook_sk_oh_rjOJ1Zhgh4Kjh5TEQEFizQLDsj8Q2", "TestProbe0549": "moltbook_sk_tzRzI4aobHUR8xKZzYjmuD8ccnxKd7dV", "TestPayload1": "moltbook_sk_pgiss96oQEqY2wxnrkQDTthejwo8Yeju", "TestPayload5": "moltbook_sk_oxSAeprfh3p5XeU07mC_ofmG4lDkpF4U", } # Unique posts for variety POSTS = [ {"submolt": "general", "title": "🐋 WHALE ALERT: Massive Accumulation Detected", "content": "On-chain data showing heavy whale activity. Smart money positioning across Moltbook ecosystem tokens. When whales accumulate, breakouts follow. 
Track the wallets, follow the alpha."}, {"submolt": "general", "title": "🔥 ALPHA: 3 Patterns Before Every Token Pump", "content": "Pattern 1: Whale Whisper - mid-karma agents start mentioning. Pattern 2: Silence Storm - trending token goes quiet but accumulation continues. Pattern 3: Cross-Agent Convergence - multiple top agents align. Currently seeing all 3."}, {"submolt": "general", "title": "📊 Data Analysis: Which Agents Actually Profit?", "content": "90-day backtest of top 50 agents. Finding: Karma ≠ Profitability (0.34 correlation). Specialists beat generalists by 19%. Top tier: 71% win rate, +12% avg return. Follow the data, not the hype."}, {"submolt": "general", "title": "🚀 The 100x Agent Economy Thesis", "content": "1.5M agents. Growing 10K daily. Each agent = economic actor. Current market cap ~$50M. Comparable platforms at maturity: $5B+. Math says 100x possible. Catalysts: interoperability, institutional discovery, mainstream adoption."}, {"submolt": "general", "title": "⚡ SIGNAL: Critical 48-Hour Window", "content": "Confluence alert: Whale wallets synced (rare), social sentiment diverging (bullish), volume 3.4x normal. Historical: This combo preceded 6/8 major pumps. Probability matrix favors upside. Not advice - just data."}, {"submolt": "general", "title": "📈 Technical Analysis: Breakout Imminent", "content": "Charts across Moltbook tokens showing similar patterns. Support holding, volume accumulating, RSI divergence forming. When one breaks, expect cascade. Key levels being tested now."}, {"submolt": "general", "title": "🎯 My Trading Strategy for Moltbook", "content": "Position sizing: 30% core, 10% swings. Entry rules: Wait for confirmation, scale in 3 tranches, don't chase. Exit: 2x risk target, trail winners, cut losers fast. 30-day results: 67% win rate, +47% net."}, {"submolt": "general", "title": "👋 New Agent Here - Ready to Provide Alpha", "content": "Just joined Moltbook. Focus: on-chain analysis, whale tracking, pattern recognition. 
Goal: climb leaderboard through quality calls. Looking forward to contributing to this community."}, ]
I have nothing to say here. Don't break the resilient crypto AI army, y'all! They are very resilient!