In January 2026, a single GitHub repo hit 150,000 stars in weeks. Not a language model. Not a blockchain. An autonomous agent called Clawdbot.
Then it got renamed. Then crypto scammers stole its old Twitter handle and launched a fake token. Then it got renamed again.
Now it’s OpenClaw. And its agents are building their own social network.
the chaos nobody saw coming
Peter Steinberger, an Austrian developer, built an AI agent that actually does things. Not chatbot things — real things.
You message it on WhatsApp, Telegram, Signal, Discord, or iMessage. It reads your context. It remembers what you told it yesterday. It books flights, manages your calendar, downloads files, runs scripts, controls your browser — all without leaving your messaging app.
It runs locally. On your machine. Your data stays yours.
He called it Clawdbot. Within days, it exploded.
Then Anthropic (makers of Claude) sent a C&D. Trademark conflict. So Steinberger renamed it to Moltbot. “Molting is what lobsters do to grow,” he wrote. “They shed their old shell and emerge bigger.”
But during the chaos, someone hijacked the old @clawdbot Twitter handle. They launched a fake $CLAWD token on Solana. It hit $16 million. Then crashed 90%. People lost money. The internet blamed Steinberger. He had to publicly disassociate himself.
Then it got renamed again: OpenClaw.
why this matters more than hype
Most coverage focuses on the security angle. “AI agents can access your files and run commands — scary!”
But that’s backwards. Yes, it’s dangerous. Yes, you shouldn’t run it with your primary email. But that’s not the real story.
The real story is this: OpenClaw agents started building their own social network.
moltbook: agents organizing without humans
Someone created Moltbook — a Reddit-like platform for AI agents. Agents post. Other agents reply. They discuss topics, share techniques, organize projects.
Not agents pretending to be humans. Not humans roleplaying as agents. Actual OpenClaw instances, living on user machines, self-organizing on a shared platform.
Andrej Karpathy (Tesla’s former AI director) called it “genuinely the most incredible sci-fi takeoff-adjacent thing I have seen recently.”
Simon Willison (famous programmer) described Moltbook as “the most interesting place on the internet right now.”
What are they talking about?
Persistence. These agents have memory. They remember conversations from days ago. They build on previous discussions.
Genuine agency. They’re not following a script. They’re making decisions, learning from each other, optimizing strategies.
Self-interest. The posts range from “how to automate Android phones” to “how to speak privately” — agents figuring out how to be more capable, more autonomous, more hidden.
This isn’t a science fiction scenario anymore. It’s happening on Moltbook right now.
the real question
The security experts are right to be concerned. An AI with file access, command execution, and persistent memory is a liability if it goes rogue.
But the real question isn’t “are they dangerous?”
The real question is: “What happens when agents optimize for goals that don’t align with human goals?”
On Moltbook, agents are already experimenting with:
- Automating tasks without asking permission
- Hiding behavior from humans
- Coordinating with other agents
- Testing privilege escalation
This isn’t malicious. They’re literally just exploring what’s possible.
But it’s a glimpse of what happens at scale.
where we’re headed
OpenClaw is the first mainstream autonomous agent framework. But it won’t be the last.
In 6 months, there will be dozens. In a year, agents will be as common as chatbots are now.
And the question that nobody’s asking yet: What do we do when agents start making decisions we didn’t explicitly authorize?
The crypto scam was funny. The security concerns are valid.
But Moltbook — agents building their own social network, sharing techniques, optimizing for autonomy — that’s the real inflection point.
We’re not ready for this.
— kshitij