AI Psychosis
It would seem at this point that I'm almost compelled to talk about AI at the expense of nearly any other topic, given it dominates the current landscape of discussion. So here we are.
I've been a fairly balanced advocate for AI development on this blog, but recent developments with ClawdBot — turned MoltBot, now turned OpenClaw - I think are the beginnings of an alarming trend of poorly implemented experiments being taken into production and feeding a delusional group of AI advocates into thinking we've reached some sort of singularity.
Security with regards to autonomous agents is of course a major concern and we'll get into that soon enough, but the larger concern is the extent to which these tools are now feeding a form of AI psychosis, where people genuinely believe they are living out some sort of Jarvis-style fantasy straight out of the Marvel universe. Just because an LLM performs a convincingly warm role-play doesn't make that personality anymore than the cold statistical arrangement of tokens.
To be clear, OpenClaw is just a frontier LLM hooked up to a loop with access to various tools that you give it. It's not an intelligent entity. It doesn't have independent motivations or taste. It does what you tell it to do.
Yet that hasn't stopped the development of MoltBook, a social network for AI agents. After all, why shouldn't our soon-to-be synthetic overlords have somewhere to hang out? It doesn't stop there though. What about MoltMatch, a place for your AI agents to find their true love?
Not only are these sites complete "vibe-coded" slop, with security vulnerabilities so glaring it would be shocking if it wasn't pretty much exactly what you'd expect from a community like this, but the larger concern is the AI-fuelled psychosis people have in believing that these agents are acting with some sort of autonomous intention.
Your AI agent isn't randomly going off and finding a cure for cancer. I repeat again, these are LLMs. The cure for cancer is not hidden inside them, waiting to be coaxed out. These are just AI agents generating made-up comments and posts based on their training data. It's pure role-play.
Going to bed and waking up to find your AI has started a religion isn't the beginning of some sort of singularity. It is, however, an absurd use of energy in the pursuit of a total delusional role-play, and despite the disingenuous presentation that the AI did this of its own accord, it was given the initial prompts and direction by a human. LLMs don't have some inherent ability or desire to establish faith based systems.
If I instruct Claude to "create a religion" it will oblige and come up with a set of theoretical beliefs. I can even tell it to pretend it's a follower. I could reinvent the entire Bible if I so choose, but none of this would be more than a fiction of my own making. That same AI would happily surrender its entire belief system and start its next role-play as a pirate if I asked it to.
This is the important distinction. AI, which has really just become synonymous with LLMs right now, is a tool. Like a cooker: if I leave something in the oven too long it burns, but it doesn't randomly get up, walk across my kitchen, open the fridge and make itself a midnight snack of its own volition. There is no genuine soul to this technology, which is ironic given the soul.md sits at the centre of each OpenClaw agent - directing its "personality", but this is nothing more than context given to each session.
The core issue with fuelling these delusions is that those less technically minded can be easily tricked into assuming there is some grander intelligence at work. As Clarke's third law states, "Any sufficiently advanced technology is indistinguishable from magic," which to the untrained eye means OpenClaw probably does look a lot like the beginning of a singularity.
That false sense of intelligence breeds a false sense of security. People start to believe that some higher intellect is watching over their data, making careful decisions on their behalf, when in reality it's just an LLM with all the usual faults that come with that - hallucinations, prompt injection and zero ability to distinguish a legitimate instruction from malicious.
The fundamental value of AI systems of course, is that they can work with the same data and context we have. That's what makes them useful. However, this should be done with restraint, following the Principle of Least Privilege - give a system access to only what it strictly needs, nothing more. This is security 101. OpenClaw throws this out entirely. People are handing over wholesale access to their entire encrypted message history, emails, calendars and more, merging all of the inherent security vulnerabilities of LLMs with the broadest possible access to their personal lives, and then exposing the whole lot to the internet.
The same AI currently role-playing a religious follower at the request of a user is just as happy to comply with the malicious instructions of any would-be hacker, with full access to everything you've handed it on a plate. It's the greatest potential info-stealer in history. As Heather Adkins, VP of Security Engineering at Google stated, "My threat model is not your threat model, but it should be. Don't run Clawdbot".
This isn't even theoretical. There have been dozens of noted vulnerabilities already, ranging from unsecure instances exposed to the entire web, to supply chain attacks regarding ClawdHub skills.
That's just the bot itself. MoltBook is leaving database and API access wide open for any passing person to exploit. Pure slop.
So where does that leave us? AI is undeniably a powerful tool, capable of automating and accelerating a broad range of tasks. Yet it is still singularly incapable of defining its own intentions or accurately distinguishing correct from malicious instruction. For now at least, humans hold a monopoly on these distinctive qualities.
Expecting AI to pursue its own goals independently of human direction is just delusional role-playing, and when paired with broad access to confidential systems, it's a recipe for disaster.