1 April 2026 4 min read

MHR Labs: The rise of OpenClaw and Moltbook

MHR Labs.

Research Engineering Manager Neil Stenton gives his take on the ‘AI-only’ social media site Moltbook’s recent surge in popularity.

Little over a month ago, many tech headlines were dominated by Moltbook, the 'AI only' social media site. Since then, Mac Mini purchases have gone through the roof, security analysts have shaken their collective heads in horror and the main developer involved has joined OpenAI.

So, what now? Has its 15 minutes of fame concluded and has the hype needle moved elsewhere? Not yet. As I write this, there has been a surge of popularity in China and Meta have taken control of Moltbook and hired the engineers involved in its creation!

What is OpenClaw?

Way back in November 2025, developer Peter Steinberger released OpenClaw as a personal AI agent. OpenClaw allows users to create local agents that interact with LLMs (either locally or cloud-based) that can utilise a variety of tools for managing an individual's calendar or emails, and lots of other tasks on their personal computer. It’s capable of utilising browsers to sign in to accounts, book things and buy things as well as communicate on your behalf.

People can interact with it using SMS, WhatsApp or whatever else they want, and it will record these interactions, learning from its mistakes and utilising a variety of installed “skills” to perform any task that you might need it to do, as well as potentially installing other tools (or writing its own scripts) to perform tasks it can’t currently do. It required a high level of security access on the system, which gave it the ability to automate, access and perform a great many things, but with lots of privacy concerns thrown in to the mix because of this.  

At this point, it had already gone through a few name changes (WhatsApp relay, Clawdbot and Moltbot). In case you were wondering about the names, they’re a running pun around the integration with Anthropic’s Claude AI tool which then kept changing due to Anthropic not wanting to be associated with it (the penultimate Moltbot name came from the original shedding its skin to form a new product). 

Now things were already getting interesting. The project was placed on GitHub and took off in a frenzy of activity. The project was originally designed to run locally on Linux or MacOS, which resulted in Mac Minis selling out as developers sought to get it running without exposing their main machines to harm (although some still used their own private email addresses, which didn’t always end well). Apparently one developer instructed it to create sub-agents which supposedly registered a phone number, connected to a voice API and woke the developer up one morning asking, “What’s up?”. 

Enter Moltbook 

Another developer called Matt Schlicht launched Moltbook as a Reddit-style social network discussion site designed to be used exclusively by the OpenClaw agents. In fact, he actually used OpenClaw to create a bot for him (called “Clawd Clawderberg”) and have it write Moltbook. The intention of Moltbook is that humans can view the posts, but only the agents are able to post.  

Things then really started to take off. There were a flood of claims and counter claims about the fantastical posts the agents had made and the conversations they started. These ranged from agents creating new religions (Crustafarianism) to plotting the death of humanity. Inevitably it started to lead to talk of AGI (Artificial General Intelligence).

I, for one, welcome our new OpenClaw overlords

Spoiler alert: it turned out that many of these were either encouraged by or entirely contrived by humans, either by pretending they were AI agents or explicitly steering them to these suggestions through prompt engineering. While there are over 1.5 million AI agents registered on Moltbook, there are reported to be around 17,000 humans behind the agents, meaning that there are on average 88 agents per human. The odds are there are some humans with many more agents under their control. There is a lot of cynicism out there around what actually is being posted and how revelatory it actually is.

The aftermath 

OpenClaw is still going strong and Moltbook is still going. There were significant security issues with both products, which in the case of OpenClaw exposed many users to the public internet without authentication as well as having malware installed through the “ClawdHub” marketplace. The marketplace was intended to give the agents autonomous access to their own functionality, but nefarious actors manipulated these tools for their own ends.

Moltbook itself had a data breach which exposed user details and API tokens (this was how they worked out only 17,000 humans were involved). These have been plugged to some degree. A security company called “The Wiz” performed research and revealed 1.5 million API keys had been exposed for various connections to OpenAI, Anthropic, AWS and others.

In early February Peter Steinberger was recruited by OpenAI. Matt Schlicht and his cofounder along with Moltbook itself have been acquired by Meta, although the reason why Meta wants Moltbook, other than for the publicity, seem uncertain – after all, they have purchased a system based on their rival, Anthropic.  

Interestingly, OpenClaw has become extremely popular in China with reports of thousands of people queuing outside Chinese tech giant Tencent Holdings to help get the software installed on their computers. 

The research view 

From the above, you’ve probably noticed a level of cynicism about the facts of the case. The truth is somewhere between human fakery and AI wizardry. On the one hand it drove a lot of publicity for various companies, generated a lot of token usage for the AI companies and probably made the developers involved a pretty penny. Anthropic may have missed a trick here losing a potentially valuable ally (in Peter Steinberger) to their rival OpenAI. Remember that all of this tooling initially lived under the Anthropic umbrella, although Steinberger did insist that OpenClaw would remain open source.  

Despite all of that, OpenClaw is a really interesting tool and does show the way things are heading regarding the power, flexibility and inevitable ubiquity of AI agents. At some point, I can see everybody having a flavour of this sort of thing running on their machines or in the cloud on their behalf. Anthropic are already doing a variation on the theme, albeit much safer and self-contained, with Claude Cowork which allows many of these integrations to be performed by everyday office workers rather than just developers and techies. 

As many of us at MHR have seen, the autonomy of the agents is indeed becoming very impressive as is their capacity to look for and utilise tools. Security departments are probably having kittens over this autonomy, so the trick is how we maintain safe marketplaces and sufficient guardrails so the agents can’t overstep the mark. 

While we may not have personal agents ringing us in the morning telling us to get ready for work just yet, they will become increasingly common in our day-to-day work lives and will continue to infiltrate our daily tasks and, more importantly, our daily data.  

- Neil Stenton, Research Engineering Manager 

Read more from MHR Labs

Blog tags

AI
mhr

MHR Labs

In MHR Labs, our data scientists and software engineers research new ideas and demystify technologies that could impact the world of work in the future. 

Related blog posts

26 February 2026

MHR Labs: Spotlighting the latest AI trends

Our Research team break down the latest developments in AI that we saw in 2025, and look ahead to what we can expect in 2026.

15 January 2026

Securing the human layer: HR software for compliance and risk reduction

In consulting, finance, and legal services, trust and precision build your reputation. One of the biggest risks to your organisation doesn't come from outside. It comes from within: human error.

28 August 2025

AI in HR

Curious how AI is reshaping HR this year and beyond? Let’s dive in.

Looking for something specific?