What is Moltbot (formerly Clawdbot)?

Moltbot is an open-source, self-hosted AI assistant created by Peter Steinberger. It runs on your own hardware and connects to messaging apps like Telegram, WhatsApp, Slack, Discord, and iMessage. The tool wraps Claude Opus 4.5 with cron scheduling, allowing it to send you messages without you initiating the conversation. Anthropic sent a cease and desist over the original name, forcing a rebrand from Clawdbot to Moltbot in January 2026.

Is Moltbot safe to use?

Not in its current state for non-technical users. Security researchers found over 900 Moltbot instances running with zero authentication. These exposed Anthropic API keys, Telegram bot tokens, Slack OAuth credentials, and months of conversation history. One researcher extracted a private key via prompt injection within 5 minutes. If you deploy Moltbot, you must configure authentication and close exposed ports. The founder himself warns: most non-techies should not install this.

Is the Clawdbot cryptocurrency token legitimate?

No. Peter Steinberger, the creator of Moltbot, has publicly stated he never issued a token, has no plans to do so, and has no connection to any cryptocurrency. When Anthropic forced the rebrand, scammers hijacked the abandoned Clawdbot handles on X and GitHub. They launched a fake CLAUDE token on Solana, pumped it to $16 million market cap using hijacked accounts, then dumped it. The token crashed 90%. This is a textbook pump-and-dump scam.

How much does Moltbot cost to run?

The software is free and open-source. The costs come from API usage. One user spent $300 in two days on what they considered basic tasks. Claude Opus 4.5 is the default model, which runs approximately $15 per million input tokens and $75 per million output tokens. If you run Moltbot continuously with cron jobs and complex tasks, API costs add up fast. Budget accordingly or switch to cheaper models for routine tasks.

Should I set up Moltbot for my business?

Not yet for most businesses. The project is under 3 months old. The founder describes it as unfinished with sharp edges. Half the tutorial videos online show people using regular Claude to debug their broken Moltbot installations. For most use cases, Claude through a standard interface (API, web, or IDE plugin) offers the same capabilities with better security. Wait for Moltbot to mature, or only deploy if you have strong DevOps and security skills.

January 28, 2026

Moltbot (Clawdbot) Explained: Separating Hype from Reality

Githui Maina

Founder & AI Systems Architect

< p class="lead" > Moltbot, the open - source AI assistant formerly called Clawdbot, accumulated 60,000 GitHub stars in days.Then a crypto scam emerged.Then security researchers found 900 + instances leaking API keys.Here is what you need to know.

Peter Steinberger created Clawdbot as a self-hosted AI assistant running on your own hardware. It connects to messaging platforms you already use. Telegram, WhatsApp, Slack, Discord, iMessage, and others. The core idea: Claude with hands. An AI assistant that does things instead of talking about doing things.

Anthropic sent a cease and desist over the name. The project rebranded to Moltbot on January 27, 2026. This rebrand created the opening for a major scam.

What Moltbot Does

At its core, Moltbot wraps Claude Opus 4.5 with three additions:

Messaging integration: Interact with Claude via Telegram, WhatsApp, Slack, Discord, or other chat apps instead of a web interface
Cron scheduling: The AI sends you messages on a schedule. You do not always initiate the conversation
Local execution: Runs on your own hardware or VPS. Your data stays under your control (in theory)

The founder demonstrated useful workflows. Scheduling good morning messages. Kicking off research tasks from your phone. Running automations without opening a laptop.

These features are useful. They are not new. Agentic workflows and cloud-based scheduling have existed for months. The difference is packaging. Moltbot bundles existing capabilities into one open-source project.

The Crypto Scam

When Anthropic forced the Clawdbot to Moltbot rebrand, the original X handle and GitHub organization became briefly available. Scammers moved fast.

The sequence:

Peter Steinberger releases Clawdbot, it goes semi-viral
Anthropic sends cease and desist
Project rebrands to Moltbot, old handles become available
Bad actors squat on the abandoned Clawdbot accounts
Scammers launch CLAUDE token on Solana using hijacked accounts
Token pumps to $16 million market cap
Insiders dump, token crashes 90%
Peter Steinberger publicly disavows any crypto affiliation

The token now sits around $8.65 million after the scam was exposed. Peter stated clearly: he never issued a token, has no plans to do so, and has no connection to any cryptocurrency.

If someone tells you to buy a Clawdbot or Moltbot token, they are running a scam.

The Security Disaster

Security researchers scanned the internet and found over 900 Moltbot instances running with zero authentication. Anyone could connect and read:

Anthropic API keys
Telegram bot tokens
Slack OAuth credentials
Months of conversation history
ENV files containing other secrets

Matvey Kukuy, CEO of Archestra AI, demonstrated the severity. He extracted a private key from a compromised instance via prompt injection within 5 minutes.

The problem: people follow tutorials without reading documentation. They deploy to VPS instances, open ports, skip authentication, and expose everything. This is common in the AI agent space. Enthusiasm outpaces security awareness.

The founder warned about this: "Most non-techies should not install this. It is not finished. I know about the sharp edges. It is not even 3 months old."

The Hype Machine

Why did Moltbot explode across social media in January 2026? Two reasons.

Reason 1: Legitimate demos. Peter Steinberger showed compelling use cases. The project scratches a real itch. People want AI assistants on their phones that take actions.

Reason 2: Astroturfing. Crypto pump-and-dump operations require hype. Scammers pay for social media promotion. They use bot networks. They coordinate shilling campaigns. When you see a tool "everywhere all at once," ask who benefits from the attention.

Posts about Moltbot racked up hundreds of thousands of views. The use cases people shared were often ridiculous. Organizing downloads by file type. Running "research" (a catch-all term for people using technology without producing anything). Sending automated good morning texts to spouses.

None of these require Moltbot. Claude does these tasks through any interface. The added complexity of a self-hosted agent creates risk without adding capability.

The Cost Problem

One user reported spending $300 in two days on basic tasks. Claude Opus 4.5 is not cheap. Running it continuously through a cron-scheduled agent burns through tokens fast.

Claude Opus 4.5 pricing:

Input: ~$15 per million tokens
Output: ~$75 per million tokens

An always-on agent that monitors, summarizes, and takes actions accumulates tokens constantly. Budget carefully before deploying.

The Reality Check

Moltbot is not a zero-to-one product. It does not help you make money. It does not replace existing workflows. It is an iterative improvement toward decentralized AI running on personal infrastructure.

The project has merit. The concept of AI agents with persistent memory, cron scheduling, and messaging integration is valid. But:

The project is under 3 months old
Security is not production-ready
Half the people setting it up need Claude to debug their installation
The founder explicitly warns non-technical users away
Everything it does, Claude already does through safer interfaces

If you need Claude on your phone, use the Claude mobile app or API. If you need scheduled tasks, use Make.com or n8n with Claude integration. If you need messaging integration, build a simple bot with proper authentication.

Moltbot deserves attention as a promising open-source project. It does not deserve the hype it received. The hype came from scammers pumping a fake token and influencers chasing engagement.

What to Do Instead

For businesses wanting AI automation without the Moltbot risks:

Use Claude directly: The web interface, API, or IDE plugins offer the same capabilities with proper security
Use established automation platforms: Make.com, n8n, or Zapier connect Claude to your workflows without exposing API keys
Wait for maturity: If Moltbot interests you, wait 6-12 months for the security issues to be resolved and the project to stabilize
If you must deploy now: Only do so with strong DevOps skills. Configure authentication. Close ports. Read the documentation. Test security before going live

The AI agent space is moving fast. Projects like Moltbot point toward a future of personal AI running on your own hardware. That future is not here yet. Do not let hype push you into security risks and wasted time.