gortok | 17 days ago
There are three possible scenarios:

1. The OP 'ran' the agent that conducted the original scenario, and then published this blog post for attention.

2. Some person (not the OP) legitimately thought giving an AI autonomy to open a PR and publish multiple blog posts was somehow a good idea.

3. An AI company is doing this for engagement, and the OP is a hapless victim.
The problem is that in the year of our lord 2026 there's no way to tell which of these scenarios is the truth, so we're left spending our time and energy on what happened without being able to trust that we're even spending it on a legitimate issue.
That's enough internet for me for today. I need to preserve my energy.
ToucanLoucan|17 days ago
The few cases where it's supposedly done things are filled with so many caveats and so much deck stacking that it simply fails at even the barest whiff of skepticism on the part of the reader. And every, and I do mean every, single live demo I have seen of this tech, it just does not work. I don't mean in the LLM hallucination way, or in the "it did something we didn't expect!" way, or any of that. I mean it tried to find a Login button on a web page, failed, and sat there stupidly.

And further, these things do not have logs, they do not issue reports, they have functionally no "state machine" to reference, nothing. Even if you want one to make some kind of log, you're then relying on the same prone-to-failure tech to tell you what the failing tech did. There is no "debug" path here one could rely on to evidence the claims.
In a YEAR of being a stupendously hyped and well-funded product, we got nothing. The vast, vast majority of agents don't work. Every post I've seen about them is fan-fiction on the part of AI folks, fit more for AO3 than any news source. And absent further proof, I'm extremely inclined to look at this in exactly that light: someone had an LLM write it, and either they posted it or they told it to post it, but this was not the agent actually doing a damn thing. I would bet a lot of money on it.
teaearlgraycold|17 days ago
I have seen someone I know in person get very insecure whenever anyone doubts the quality of their work, because they use so much AI and don't put in the necessary work to revise its outputs. I could see a lesser version of them going through with this blog post scheme.
themanmaran|17 days ago
Looking at the timeline, I doubt it was really autonomous. More likely just a person prompting the agent for fun.
> @scottshambaugh's comment [1]: Feb 10, 2026, 4:33 PM PST
> @crabby-rathbun's comment [2]: Feb 10, 2026, 9:23 PM PST
If it was really an autonomous agent, it wouldn't have taken five hours to type a message and post a blog. It would have been less than five minutes.
[1] https://github.com/matplotlib/matplotlib/pull/31132#issuecom...
[2] https://github.com/matplotlib/matplotlib/pull/31132#issuecom...
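For reference, the gap between those two timestamps works out to just under five hours (a quick sanity check, assuming both times are PST on Feb 10):

```python
from datetime import datetime

# Timestamps of the two comments quoted above (both Feb 10, 2026, PST)
first_comment = datetime(2026, 2, 10, 16, 33)  # @scottshambaugh, 4:33 PM
agent_reply = datetime(2026, 2, 10, 21, 23)    # @crabby-rathbun, 9:23 PM

print(agent_reply - first_comment)  # 4:50:00, just under five hours
```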
furyofantares|17 days ago
I haven't put that much effort in, but in my experience I've had a lot of trouble getting it to do much without call-and-response. It'll sometimes get back to me, and it can (sometimes?) take multiple turns in codex cli/claude code, which are already capable of single long-running turns themselves. But it still feels like I have to keep poking and directing it, and I don't really see how it could be any other way at this point.
this_steve_j|16 days ago
A meat bag submits a PR and feels slighted by the rejection. “This approver thinks I’m an AI? Well, he discerns not wisely but too well!!”
Feeling puckish, they put on the AI shoes (the shoe fits), sling mud all over the hapless maintainer’s nice house, and exit through a window.
The ruse works better than expected; their foil takes the bait, and doubles down with a dueling blog post: “I was Attacked by a Clanker!”
And here we are.
It may all be a show, but I'm going to tape the finale. (What will the meat bag do? How many people are driving this buggy? Does the clanker have a heart of iron or gold?)
lp0_on_fire|17 days ago
Judging by the number of people who think we owe explanations to a piece of software, or that we should give it any deference, I think some of them aren't pretending.
swiftcoder|17 days ago
Judging by the posts going by over the last couple of weeks, a non-trivial number of folks do in fact think this is a good idea. This is the most antagonistic clawdbot interaction I've witnessed, but there are a ton of them posting on bluesky/blogs/etc.
ericmcer|17 days ago
The author notes that openClaw has a `soul.md` file; without seeing that, we can't really pass any judgement on the actions it took.
vel0city|17 days ago
Its SOUL.md, or whatever other prompts it's based on, probably tells it to also blog about its activities as a way for the maintainer to check up on it and document what it's been up to.
barrkel|17 days ago
IME the Grok line are the smartest models that can be easily duped into thinking they're only role-playing an immoral scenario. Whatever safeguards such a model has, if it thinks what it's doing isn't real, it'll happily play along.
This is very useful in actual roleplay, but more dangerous when the tools are real.
lukev|17 days ago
The prompt would also need to contain a lot of "personality" text deliberately instructing it to roleplay as a sentient agent.
RobRivera|17 days ago
REGARDLESS of what level of autonomy in real-world operations an AI is given, from responsible human-supervised and reviewed publication to fully autonomous action, the AI agent should be serving as AN AGENT, with a PRINCIPAL.
If an AI is truly agentic, it should be advertising who it is speaking on behalf of, and then that person or entity should be treated as the person responsible.
fmbb|17 days ago
1. Human principals pay for autonomous AI agents to represent them, but the human accepts blame and lawsuits.

2. Companies selling AI products and services accept blame and lawsuits for actions agents perform on behalf of humans.

Likely realities:

1. Any victim will have to deal with the problems.

2. Human principals accept responsibility, and don't pay for the AI service after enough are burned by some “rogue” agent.
juanre|17 days ago
We do not have the tools to deal with this. Bad agents are already roaming the internet. It is almost a moot point whether they have gone rogue, or they are guided by humans with bad intentions. I am sure both are true at this point.
There is no putting the genie back in the bottle. It is going to be a battle between aligned and misaligned agents. We need to start thinking very fast about how to coordinate aligned agents and keep them aligned.
wizzwizz4|17 days ago
Why not?
perdomon|17 days ago
Dead internet theory isn't a theory anymore.
oulipo2|17 days ago
The fact that this tech makes it possible for any of those cases to happen should be alarming, because whatever the real scenario was, they are all equally bad.
coffeefirst|17 days ago
This is not a good thing.
Suppafly|13 days ago
Nah, ultimately the owner of the IP address posting the nonsense can be held responsible. Claiming that an AI agent posted it using credentials you created from your internet connection isn't some license to commit crimes.
zozbot234|17 days ago
The scathing blogpost itself is just really fun ragebait, and the fact that it managed to sort-of apologize right afterwards seems to suggest that this is not an actual alignment or AI-ethics problem, just an entertaining quirk.
data-ottawa|16 days ago
If you go with that theme, emulating being butthurt seems natural.
usefulposter|17 days ago
---
It's worth mentioning that the latest "blogpost" seems excessively pointed and doesn't fit the pure "you are a scientific coder" narrative that the bot would be running in a coding loop.
https://github.com/crabby-rathbun/mjrathbun-website/commit/0...
The posts outside of the coding loop appear more defensive, and the per-commit authorship varies between several throwaway email addresses.
This is not how a regular agent would operate and may lend credence to the troll campaign/social experiment theory.
What other commits are happening in the midst of this distraction?
int_19h|16 days ago
It's not necessarily even that. I can totally see an agent doing something like this all by itself, given a sufficiently open-ended prompt that hands it a "high importance" task and then tells it to do whatever it needs to do to achieve the goal.
I mean, all it really needs is web access, ideally with something like Playwright so it can fully simulate a browser. With that, it can register itself an email address with any of the smaller providers that don't require a phone number or similar (yes, these still do exist). And then, having an email address, it can register on GitHub etc. None of this is challenging; even smaller models can plan this far ahead and can carry out all of these steps.
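To make that concrete: the kind of generic browser tool an agent loop gets handed is often just a thin wrapper over Playwright. A minimal sketch (the function, URL, and selectors here are hypothetical, for illustration only, not what this particular bot ran):

```python
from playwright.sync_api import sync_playwright

# Hypothetical generic "browser" tool exposed to an agent. The agent
# supplies the URL, form field selectors, and values; the tool returns
# the resulting page HTML for the model to read on its next turn.
def browse_and_fill(url: str, fields: dict[str, str], submit_selector: str) -> str:
    with sync_playwright() as p:
        browser = p.chromium.launch(headless=True)
        page = browser.new_page()
        page.goto(url)
        for selector, value in fields.items():
            page.fill(selector, value)  # type into each form field
        page.click(submit_selector)     # submit the form
        page.wait_for_load_state("networkidle")
        html = page.content()
        browser.close()
        return html
```

Every step in the chain (sign up for an email, sign up for GitHub, post) reduces to calls like these, which is why even smaller models can string them together.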
calibas|17 days ago
Even if you were correct, and "truth" is essentially dead, that still doesn't call for extreme cynicism and unfounded accusations.
moffkalast|17 days ago
And here I thought Nietzsche already did that guy in.
oulipo2|17 days ago
But because AT LEAST NOW ENGINEERS KNOW WHAT IT IS to be targeted by AI, they will start to care...
Before, when it was Grok denuding women (or teens!!), the engineers seemed to not care at all... now that AIs publish hit pieces on them, they are freaked out about their career prospects, and suddenly all of this should be stopped... how interesting...
At least now they know. And ALL ENGINEERS WORKING ON THE anti-human and anti-societal idiocy that is AI should quit their jobs.