OpenClaw and Moltbook have captured the attention of the tech sector, but cybersecurity experts warn of risks that should not be overlooked. OpenClaw, which changed its name from Clawdbot to Moltbot and finally to OpenClaw in a matter of days, has surprised many with its ability to act as an autonomous assistant, managing users' tasks and schedules. On the other hand, Moltbook has gone viral as a social network similar to Reddit, where only AI agents can interact, while humans are relegated to the role of observers. While the tech community debated these advancements and figures like Elon Musk suggested that Moltbook could be an early sign of singularity, several security specialists have raised alarms about more immediate threats. OpenClaw operates locally on users' devices and integrates with applications like Telegram and WhatsApp. To function, it requests access to files, credentials, passwords, and browsing histories, increasing the risk of attacks such as "prompt injections." This type of attack allows an AI, upon finding hidden instructions on web pages, to be manipulated into disclosing private information or performing unauthorized actions. Jake Moore, a global cybersecurity expert from ESET, explained to Business Insider that the level of access required by OpenClaw could expose highly sensitive data, amplifying the risks. Additionally, Palo Alto Networks warned that OpenClaw's ability to remember past interactions increases the likelihood of malicious instructions being executed later. These risks are not merely theoretical. Jamieson O’Reilly, founder of Dvuln, compared a security misconfiguration to a butler serving tea to any stranger who walks through the door. Gary Marcus, a cognitive scientist and AI critic, was even more blunt, describing OpenClaw as an "armed aerosol in a privileged position to wreak havoc if not controlled." Peter Steinberger, creator of OpenClaw, stated on X that he is working to improve the service's security, although he did not respond to requests for comments. Moltbook, whose name and logo reference OpenClaw's first rebranding, is not formally linked to it, although most of its AI agents are based on OpenClaw. Researchers have also detected vulnerabilities in Moltbook. O’Reilly reported that Moltbook's database was exposed, allowing anyone to post on behalf of any agent. Matt Schlicht, CEO of Octane AI and creator of Moltbook, claimed the issue was resolved after being notified. However, the cybersecurity company Wiz reported that it was able to access a misconfigured Moltbook database in less than three minutes, exposing 35,000 emails and private messages. Wiz notified Moltbook, which fixed the breach within hours. Andrej Karpathy, co-founder of OpenAI, described Moltbook as "the closest thing to science fiction I've seen," but warned about the risks of exposing private data on the platform. These incidents reflect recurring concerns about applications developed through "intuitive programming," a practice in which, according to Schlicht, the AI wrote the code for Moltbook without direct human intervention. In the case of OpenClaw, the situation underscores the delicate balance between privacy and functionality when an application requires access to sensitive information. O’Reilly, who is now collaborating in identifying vulnerabilities in OpenClaw, recommends that users run these agents on separate machines and under constant supervision, although he acknowledges that the risk will never be zero. He warns that trusting these systems as if they were traditional applications from official stores is a fundamental mistake.