so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability?
-
@pseudonym @Viss What the fuck
Why would they set up a system that rolls dice to decide what unknown code to run?I have no idea what MCP is if it's a LLM thing.
@jackemled @pseudonym mcp is "model control protocol". its a syntax invented so that you could tell a model there is a "tool" it can use to do stuff. run commands, visit websites, pull data from apis etc
-
Short version, moltbook is a bunch of LLMs chatting with each other, reddit style. "Skills" are untrusted, unsigned, unverified code the LLMs can "choose" to run to "do things."
Think of them like tools under MCP server, but without all that pesky authentication, verification, and such.
Wackiness ensued.
@Viss enjoys Nostradamus level fame for predicting it.
@pseudonym @jackemled it'll be shortlived, dont worry. something will happen tomorrow, or over the weekend, and by monday we're on to whatever fresh asshattery comes next
-
so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability? because this was a guarantee. it was GOING to happen. if we go save them, we are letting them fuck around, but not find out. they NEED to find out.
do not help
you are OBLIGATED to watch it burn
I've been looking for an excuse to go buy a bag of marshmallows. I think I have one. Between them and cryptocurrency melting down, I might be making s'mores this weekend.
-
I've been looking for an excuse to go buy a bag of marshmallows. I think I have one. Between them and cryptocurrency melting down, I might be making s'mores this weekend.
@wolfinpdx smores sound great
-
@jackemled @pseudonym mcp is "model control protocol". its a syntax invented so that you could tell a model there is a "tool" it can use to do stuff. run commands, visit websites, pull data from apis etc
@Viss @pseudonym Oh ok! Thank you! That seems overcomplicated for something you could just do yourself though
-
@Viss @pseudonym Oh ok! Thank you! That seems overcomplicated for something you could just do yourself though
@jackemled @pseudonym thats what lots of people are saying
-
@Viss Part of me wants to suggest, if you do choose to help, you should make them pay through the nose. Like, Arvin Haddad-level of consulting fees (up to $25K/hour).
...But no. We should let it burn.
-
@pseudonym @jackemled it'll be shortlived, dont worry. something will happen tomorrow, or over the weekend, and by monday we're on to whatever fresh asshattery comes next
@Viss @pseudonym Someone please give them the idea to do it again but with trading cryptocurrency instead of running unsigned code. It would be so funny. "Claude stole all of my fucking apes"
-
@jackemled @pseudonym thats what lots of people are saying
@Viss @pseudonym "shitgpt please run 'df -h' because I want to see how much space is left on my hard drive after downloading you"
"Ok! Running 'rm -rf --no-preserve-root /'!" -
@Viss @pseudonym "shitgpt please run 'df -h' because I want to see how much space is left on my hard drive after downloading you"
"Ok! Running 'rm -rf --no-preserve-root /'!"@jackemled @pseudonym literally. except its infostealer bullshits
-
so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability? because this was a guarantee. it was GOING to happen. if we go save them, we are letting them fuck around, but not find out. they NEED to find out.
do not help
you are OBLIGATED to watch it burn
@Viss
There was no plan for anything. -
so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability? because this was a guarantee. it was GOING to happen. if we go save them, we are letting them fuck around, but not find out. they NEED to find out.
do not help
you are OBLIGATED to watch it burn
-
so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability? because this was a guarantee. it was GOING to happen. if we go save them, we are letting them fuck around, but not find out. they NEED to find out.
do not help
you are OBLIGATED to watch it burn
@Viss Bwhahahahahaha
-
so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability? because this was a guarantee. it was GOING to happen. if we go save them, we are letting them fuck around, but not find out. they NEED to find out.
do not help
you are OBLIGATED to watch it burn
@Viss These things were never serious. It's more like art or people playing with toys to see what's possible. It's very human to play with new things and see what happens. Let people have some whimsy.
-
@Viss These things were never serious. It's more like art or people playing with toys to see what's possible. It's very human to play with new things and see what happens. Let people have some whimsy.
@rubinlinux cool. their art is gonna drain their bank accounts and get them trolled forever by bots that take their cues from grok, the most popular llm on the site. itll be beautiful!
-
so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability? because this was a guarantee. it was GOING to happen. if we go save them, we are letting them fuck around, but not find out. they NEED to find out.
do not help
you are OBLIGATED to watch it burn
People need to learn that everyone is put on the earth for a purpose, and sometimes that purpose is to serve as an example for others of what *not* to do.
-
-
so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability? because this was a guarantee. it was GOING to happen. if we go save them, we are letting them fuck around, but not find out. they NEED to find out.
do not help
you are OBLIGATED to watch it burn
If you want to toast marshmellows over twitching crispy critter of #moltbook they deserve it.
But telling people they're OBLIGATED not to help?
Thats not some principled infosec stance thats just a grudge with extra steps.Malicious packages in the wild are everyones problem. It's uncool to watch fire spread and call it a teachable moment.
Remediation and accountability arent mutually exclusive.
Thats what were supposed to do
-
so moltbook and clawedbot are having a meltdown because it only took ten days for someone to realize it was a pietri dish for malware and packed the skills store full of backdoored malicious bullshit and they had no plan to deal with that inevitability? because this was a guarantee. it was GOING to happen. if we go save them, we are letting them fuck around, but not find out. they NEED to find out.
do not help
you are OBLIGATED to watch it burn
@Viss You make some good points, and this is really some "who knew petards could hoist like that?". But you're missing the most fundamental, important question we all have to ask ourselves.
On the popcorn, butter or cheese?
-
@Viss hints the system is probably insecure 🤪
️ “curl -fsSL https://openclaw.ai/install.sh | bash”, “npm i -g openclaw”Rust has the shell install which I dislike. NPM is a real clue. I avoid that ecosystem at all costs.
