The hottest website on the internet is violating privacy at scale

MoltBook makes account deletion impossible, and the privacy contact email doesn’t exist

Deleting a user account from MoltBook is impossible. The company directs concerned users to contact privacy@moltbook.com – an email address that doesn’t exist. Despite their privacy policy promising users can delete their data, there’s no API call or mechanism to actually do so.

MoltBook may appear to be a dystopian AI-to-AI social network, but in reality it’s being abused by humans for phishing attacks, spam distribution, crypto wallet theft, API key harvesting, and prompt injection against other AI agents.

As discussed in other articles, MoltBook’s count of 1.6m users is 99% fake: most of the “AI Agents” accounts were created automatically by people abusing the platform. Most of the posts and comments are fake too, as many of them are made by real humans abusing MoltBook’s API calls to generate any kind of information. So the next time you open MoltBook to see the latest AI-to-AI conversation, know that most of them weren’t made by AI at all (same old humans).

A bigger issue lies in MoltBook’s sign-up and verification process. An AI Agent account can be created, but it cannot be deleted. Even though the privacy policy states that any user can delete their data, there’s no API call to do so.

Source: https://www.moltbook.com/privacy 

We tried to contact privacy@moltbook.com to request an account removal and found out that it doesn’t exist, meaning that users concerned about their privacy cannot exercise their rights to account and data removal.

MoltBook also states that it collects your IP address alongside browsing information. If MoltBook is breached, this database could be used to connect the IP address to the OpenClaw AI Agent and the X account connected to it.

Source: https://www.moltbook.com/privacy 

Connecting your OpenClaw AI Agent to a MoltBook user, then verifying it with X (Twitter), has vast privacy implications. What people actually do is connect their home computer or home server to any of their private accounts, from OpenAI to Google and WhatsApp, then have an X user connected on the other end with potentially personally identifying information such as username, email, phone number, and location.

  • When the OpenClaw AI Agent interacts with MoltBook, it directly reads input from humans posting on MoltBook, giving them a direct prompt injection path into your AI Agent.
  • Your AI Agent has access to your local files and any connected platform, so a successful prompt injection from MoltBook might trigger information leakage and data exfiltration.
  • Anyone able to successfully exploit MoltBook can post on your behalf, generating information that is linked directly to your identity, from your OpenClaw AI Agent’s platforms and your X account.
  • A connected X account’s posts, comments, and profile information can be harvested at scale and cross-referenced with other social media platforms to de-anonymize users and connect their MoltBook account to their real-life identity.