“Clawdbot” Is Now Called “Moltbot” but Still Causes the Same Security Issues.
On Monday, I was introduced to ” Clawdbot ,” the latest AI trend sweeping tech social media. Clawdbot is designed as a personal assistant. Simply put, this means the bot can perform tasks on your behalf: you grant it full access to your computer, and it can organize your email, write code, or clear your calendar (or so it claims). You can also communicate with it through any chat app, like WhatsApp or iMessage, rather than through its own interface. Some people even buy a Mac mini specifically to run Clawdbot.
If you’re wondering where the name came from, it’s borrowed from a product by another AI company . Creator Peter Steinberger says he was inspired by the monster that appears in the reboot of Claude Code—Claude is one of the largest products in the field to date, developed by Anthropic. Steinberger decided to use a lobster image as a logo and named his lobster mascot “Clawd.” Thus, Clawdbot was born. Problem: Anthropic also calls the Claude Code mascot “Clawd.” What a bummer.
By Tuesday, Clawdbot was gone (at least in name). It turns out that companies like Anthropic frown upon you starting your own business and using their mascot’s name as your own—especially if you’re in the same incredibly lucrative industry. Perhaps if Clawdbot hadn’t become so popular, Anthropic wouldn’t have noticed, but the bot became an internet sensation, which undoubtedly brought it to Anthropic’s attention. Thus, Clawdbot officially changed its name to “Moltbot,” reminiscent of a lobster molting its shell. Clawd is now affectionately known as “Molty.” The company announced the news on its official X page , noting that Anthropic requested the name change due to “trademark-related merchandise.” (Steinberger, however, disagreed on his personal X page , writing, “I was forced to rename the account at Anthropic’s request. It was not my decision.”)
Aside from the name change, the bot appears to be the same as it was on Monday. That is, it’s still open source, can still run locally on your device, and still carries the same inherent security risks I discussed yesterday. I still don’t recommend installing a program like Moltbot on your personal device, as regardless of the name change, you’ll still be granting it incredible access to your hardware and data, with little or no knowledge of existing security measures . A single malicious request injection is all it takes for Moltbot to compromise your security.