  MoltBook is vibe coded. It passed its own API key via client side JS, and in doing so exposed full read/write access to it’s supabase db, complete with over a million API keys.

That is groundbreaking for a product held in such high esteem, just not in a good way.

I lack the words to explain my frustration at this timeline.

▲ DANmode 3 hours ago | parent [-]

> exposed full read/write access to it’s supabase db, complete with over a million API keys.

When was this lol; I knew it didn’t drop out of the news that fast by inertia alone.

▲

sheept 3 hours ago | parent [-]

It was revealed by this post by Wiz from the beginning of this month: https://www.wiz.io/blog/exposed-moltbook-database-reveals-mi...

	▲	lioeters 11 minutes ago \| parent [-]
		> 35,000 emails. 1.5M API keys. And 17,000 humans behind the not-so-autonomous AI network Wow, this is sure a brave new world. I'd just recently heard about the project and they've already been pwned so massively. We're accelerating into a future beyond our control.