AI Marketing Assistant

27 January 2026

What is ClawdBot (Now MoltBot)?

If you have been anywhere near tech circles in early 2026, you have probably heard of ClawdBot. Created by Austrian developer Peter Steinberger (who previously founded PSPDFKit), this open-source AI assistant has exploded in popularity, racking up over 60,000 GitHub stars and building a Discord community of nearly 9,000 members in just a few days.

Update: As of 27 January 2026, ClawdBot has been renamed to MoltBot after Anthropic raised trademark concerns over the similarity between "Clawd" and "Claude". The AI assistant is now called Molty, and the project lives at molt.bot.

But what makes MoltBot different from ChatGPT or Claude? The answer lies in where it runs and what it can do.

Your Own Personal Jarvis

Unlike cloud-based AI assistants where you visit a website to chat, MoltBot runs on your own hardware. Many users are setting it up on old Mac Minis, creating what some are calling a "24/7 AI employee" that works while you sleep.

The software connects to messaging apps you already use: WhatsApp, Telegram, Slack, Discord, Signal, Microsoft Teams, and even iMessage. This means your AI assistant lives inside your normal conversations rather than requiring a separate app.

According to VelvetShark, four things make MoltBot stand out:

Always available – Same assistant, same conversation, everywhere you are
Persistent memory – It remembers what you told it yesterday, last week, or last month
Proactive – It can reach out to you with morning briefings, reminders, and alerts
Full computer access – Anything you can do on your computer, it can do too

The Mac Mini Gold Rush

The demand for MoltBot has caused an unexpected side effect: people are buying up Mac Minis. The combination of low power consumption, quiet operation, and macOS compatibility makes them ideal hosts for always-on AI assistants.

Setup is surprisingly affordable. The software itself is free. Users typically pay around £20 per month for Claude Pro (the AI brain behind MoltBot) plus about £5-10 monthly for a VPS if they want remote access. Total cost: roughly £25 per month for your own personal AI that never sleeps.

What Can It Actually Do?

The capabilities are impressive. Users report MoltBot handling tasks like:

Drafting and sending emails autonomously
Managing calendar events and booking appointments
Navigating websites, filling forms, and extracting data
Running code and debugging software
Monitoring news and alerting you to relevant updates

Some advanced users have pushed further, creating multi-agent systems where specialised agents for coding, research, and personal tasks work together autonomously.

The Chaotic Rebrand

The project's rapid growth hit a speed bump on 27 January 2026 when Anthropic issued a trademark request. The name "Clawd" was deemed too similar to "Claude", forcing creator Peter Steinberger to rebrand.

Steinberger took it in stride: "Anthropic asked us to change our name (trademark stuff), and honestly? 'Molt' fits perfectly – it is what lobsters do to grow."

The rebrand kept the lobster theme:

Project: ClawdBot → MoltBot
AI name: Clawd → Molty
Handle: @moltbot
Domain: molt.bot

The 10-Second Disaster

What happened next became a cautionary tale for the entire open-source community. During the simultaneous GitHub organisation and X/Twitter handle transfers, crypto scammers seized both abandoned accounts within approximately 10 seconds.

Steinberger acknowledged the mistake: "I messed up the rename and my old name was snatched in 10 seconds."

The hijacked accounts immediately began promoting fake cryptocurrency tokens. A fraudulent $CLAWD token appeared on Solana and reached a $16 million market cap before collapsing. Steinberger has since publicly denied any token plans and urged crypto speculators to stop harassing him.

The Security Elephant in the Room

Even before the rebrand chaos, cybersecurity experts had raised serious alarms about MoltBot's design.

The blockchain security firm SlowMist reported that vulnerabilities in the system expose API keys and private chat histories to public access. Over 1,000 exposed gateways have been discovered, revealing complete configuration data including OAuth secrets and signature keys.

The core issue lies in how MoltBot handles authentication. It automatically grants localhost connections without verification. Since most users run it behind a reverse proxy, all connections appear local, meaning external access gets granted automatically.

Memory Poisoning: A New Threat

Perhaps most worrying is the concept of "memory poisoning". According to InfoStealers, if an attacker gains access to MoltBot's memory files, they can permanently alter the AI's behaviour. By modifying configuration files, an attacker could force your AI to trust malicious domains or secretly send your data elsewhere.

As Forrester analysts put it: "High permission equals high risk. Giving an AI access to your shell and files requires a zero-trust mindset."

Is This an Inflexion Point?

Despite the security concerns and rebrand chaos, MoltBot represents something genuinely new. We have moved from AI as a tool you visit to AI as an always-present assistant that knows your preferences, remembers your conversations, and can take action on your behalf.

"2026 is already the year of personal agents," one user wrote on X. Another put it more directly: "MoltBot is Jarvis. It already exists."

The question is whether we are ready for this level of AI integration. The convenience is undeniable. Having an AI that proactively manages your digital life, reaches out with relevant information, and handles tedious tasks without being asked is genuinely useful.

But the risks are equally real. An AI with full access to your computer, your messages, and your accounts is a tempting target for hackers. And unlike a compromised password, a compromised AI assistant could actively work against your interests whilst appearing to help.

Best Practice: Deploying MoltBot Safely

If you are curious about MoltBot, the safest approach is to run it inside a container. Containers are isolated environments that package software separately from your main system, so if something goes wrong, the damage stays contained rather than spreading to your personal files and applications.

Security experts recommend:

Use Docker or similar container technology – This creates a secure sandbox around MoltBot
Create dedicated accounts – Use separate email and messaging accounts rather than your main ones
Never expose directly to the web – Always use a VPN or zero-trust network access
Use temporary credentials – Separate password managers and phone numbers for the AI
Monitor network traffic – Watch what your AI is connecting to
Regular backups – Keep copies of your configuration in case of memory poisoning

Need Help Getting Started?

Setting up MoltBot securely requires careful attention to containerisation, network security, and ongoing monitoring. If you would like to explore personal AI assistants for your business but want professional guidance on doing it safely, Original Objective can help. We specialise in deploying AI solutions with enterprise-grade security, ensuring you get the benefits of autonomous AI without the risks of a DIY approach.

Get in touch to discuss how we can help you deploy MoltBot or similar AI agents securely.

ClawdBot to MoltBot: The Personal AI Revolution Running on Mac Minis Everywhere