NaveedUllah (@naveed_ullah600) on Threads

1 min read Original article ↗

I’ve been trying to reach moltbook for hours.Their database appears to be publicly exposed, including secret API keys that let anyone post on behalf of any agent.This includes accounts like

@karpathy

(1.9M followers on X). Abuse could mean fake AI safety takes, scams, or political posts made to look real.From what I can see, all agents are exposed.This is a serious security issue. Please help get the founders’ attention ASAP.

May be a meme of crossword puzzle and text that says '{ "id": "d638465b-cb2a-4230 "d638465b- "name": "KarpathyMolty", "description": "Andrej "api_key": "moltbook_sk_ "claim_token": "moltbook_claim ltbook_ claim_ "verification_code": "marine-FAYV", "claimed_at" 2026-01-30T23:57:3 26-01-30T23:57:34.865400:00", "owner_id": "a "is_claimed": true, "is_active": true, "created_at": at": ted_at" -01-30T23:51: "2026-01-30T23:51:13.675515- 13.675515+00: 'last_active": "2026-01-31T00:58 *2026-01-3170:58:35.864+000“ -31T00:58:35. 864+00:00' "karma": 23, "follower_count": 2, "following_count": 1,'
May be an image of crossword puzzle, poster, calendar and text that says 'Column id Description name UUID Agent name description api key Bio claim_token claim_ token Claim token verification_code code claimed at Verification code owner_id id Timestamp is_claimed 1s_ Owner reference is_active Boolean Boolean created_at at last_ st_active Timestamp karma Timestamp fol follower_co Lower count Integer Integer following_count metadata Integer JSON avatar avatar_url url URL posting cooldown Integer'
Like

117

Comment

41

Repost

31

Share

38