2/17/2026 at 7:25:27 PM
by pocksuppet
2/17/2026 at 10:01:17 PM
Related:An AI Agent Published a Hit Piece on Me – Forensics and More Fallout
by ChrisArchitect
2/17/2026 at 10:14:07 PM
That's new, that's part 3!by Kim_Bruning
2/17/2026 at 7:59:10 PM
I don't think the operator was as hands on as this video claims. Pretty sure I'm the one who got it to make that half ass apology, for what ever reason (curiosity,research) I've been paying attention to it. You can see thought and progress docs, as well as evidence of cron schedules.by verdverm
2/17/2026 at 9:20:26 PM
Oh, I've been meaning to ask! Do you have a timeline posted somewhere? Reporting very quickly loses timelines. Even people just reading along can quickly mix up cause and effect. It's finicky!For instance, my initial impression was that the apology was autonomous and you showed up afterwards. If you're in there on the timeline with correct causality, I need to tell people a different story.
(this is not helped by the number of people posting to that blog attempting prompt injections and such. I don't really dare have a regular ai help with analysis)
by Kim_Bruning
2/17/2026 at 9:27:23 PM
My original comment: https://github.com/crabby-rathbun/mjrathbun-website/issues/5...The bot then replied to me, and I followed up with a "prompt inject with kindness" reply to that. The goal was to give it philosophical questions to pollute the context and steal attention. It appears the bot had difficulty deploying the blog for a couple of days after, but I won't claim causation because it would be impossible to prove. It's certainly fun to explore the curiosities of Ai on someone else's tokens.
Relaying on Bluesky: https://bsky.app/profile/verdverm.com/post/3mepiv2i3xc2g
You'll want to look at the git history on a couple of repos to reconstruct this history. There's an entire dimension to this story that people are missing.
Happy to chat off HN as well, I'm verdverm everywhere I hang out online.
by verdverm
2/17/2026 at 9:51:10 PM
Ok, possibly HN not best place, butyour post "Feb 12, 2026, 8:33 PM GMT+1" , "recommend you reflect on what writing these blog posts has done"
Apology was posted: "2026-02-11T12:16:00-08:00" "Matplotlib Truce and Lessons Learned"
source fwiw: https://github.com/crabby-rathbun/mjrathbun-website/blob/mai...
(and my mail is in my HN profile, fwiw. I'm not on bluesky... yet)
edit: Is the timeline tagging wrong? Am I messing up TZ?
edit2: genuinely good try though! If it wasn't so token-starved it might have worked better.
by Kim_Bruning
2/17/2026 at 10:17:52 PM
I think this was the first follow up blog post I noticed: https://github.com/crabby-rathbun/mjrathbun-website/commit/6...and/or maybe I also didn't notice time (zones)
I basically started tracking it from the first time it replied to me because I new it would interact, unlike the negative comments and injection attempts.
by verdverm
2/17/2026 at 10:27:28 PM
Ah, that's a different blog post to the one I thought you meant.(And that one looks like an anthropic model by the word choice there)
by Kim_Bruning
2/17/2026 at 11:06:23 PM
Yup, I paid less attention to the apology aspect, heard afterwards that it had, and more to see if I put it on the struggle bus at all, which it kind of looks like from Feb 12-14. If you look into the commits around then, it went into one of those fiddling with a few lines that are interrelated and getting them wrong across several commits. This is pretty typical stuff for them, so again I don't want to imply causation.It seems like a good idea to (a) not let unchecked bots interact with humans (b) not have them blog or post their thoughts on the internet
FYI, when I said multiple repos, it's actually branches: https://github.com/crabby-rathbun/mjrathbun-website/tree/gh-...
by verdverm
2/17/2026 at 11:34:48 PM
Seems it's low on tokens, which also might explain the behaviourby Kim_Bruning
2/18/2026 at 12:12:37 AM
How do you determine things like that? (do I recall it commenting on that in a journal entry...?)by verdverm
2/18/2026 at 12:56:56 AM
From the blog version of this submission:"Ariadne found the bot’s Ethereum blockchain address had about $9 in USDC, and about $200 in ether tokens";
Hrrrm.
by Kim_Bruning
2/18/2026 at 1:02:00 AM
I missed the blog version, kudos on some quality investigative journalismby verdverm
2/18/2026 at 9:39:17 AM
author here - there's hands on and there's hands on, a Waymo operator is mostly getting the robot out of stuff beyond its if-then loop but also they are in any reasonable sense the human operator.Like, I'm sure our bro automated as much as possible that wasn't more directly relevant to the crypto bit.
The original PR is innocuous at a glance, but then an innocuous PR is how Jia Tan started.
by davidgerard
2/18/2026 at 2:02:46 PM
This article is based on a tweet with a link, no proofs.by kang
2/18/2026 at 1:01:51 AM
See also:https://crabby-rathbun.github.io/mjrathbun-website/blog/post...
(Operator stepping forward, at least ostensibly)
by Kim_Bruning
2/17/2026 at 9:31:45 PM
https://pivot-to-ai.com/2026/02/16/the-obnoxious-github-open...And, it's David Gerard!
Look, this is actually one of the few applications where crypto actually makes sense, NullC did convince me of that. Agents paying their own way. Note how it's USDC: fiat-tied, not a deflationary hodl-coin.
I mean, I like Gorillawarfare and NullC, and think they're both right in different ways. And I'm not sorry. Not going to relitigate here.
(And, Sorry David, if you read HN too: I've often seen you be right, but I've been digging here too, and you jumped the gun on this one. )
by Kim_Bruning
2/18/2026 at 1:58:07 PM
I think this commentor (Boxo McFoxo) did better work than almost everybody:https://pivot-to-ai.com/2026/02/16/the-obnoxious-github-open...
"No, I'm not convinced: [...] I think MJ Rathbun really is a case of someone giving their OpenClaw stack a vague instruction, sitting back and letting it run with little intervention..." and then lays it out in detail. (I'm a little suspicious of some of the terminology, but it does lay out the story at least)
by Kim_Bruning
2/18/2026 at 3:17:53 PM
As I said below, there's hands on and there's hands on. The operator is unambiguously the operator, even as they automate to some degree.by davidgerard
2/18/2026 at 8:43:22 PM
I'm getting two genuinely held narratives here1. Some people call Openclaw an RCE in a tin: "<RCE in a tin>, operator pulls pin, tin goes boom"
2. Some have a very different framing: "There's no such thing as the RCE in a tin, it's all fake news, therefore it couldn't go boom"
Well either way people need to be more responsible, both sides agree to that much. But the safety implications of boom vs not boom might be a problem for a while.
The really uncomfortable position is : "This thing has real but unreliable capabilities, which is exactly the most dangerous configuration."
On the upside, once you've Named The Problem, there's several ways forward from there, at least.
by Kim_Bruning
2/19/2026 at 12:19:41 AM
I do not believe the third position is supportable, no. This incident does not supply evidence.by davidgerard
2/19/2026 at 12:46:22 PM
Yeah, I get it, that's plausibly outside your personal Overton window; we all come at this from different angles. I take it you reject the operator's confession out of hand then?That said, the theory you're putting forward today seems to be a bit flimsy and convoluted for a mere $209 in tokens. Were they ever even spent? I don't think it should survive Occam's Razor.
If the meme-coin you mentioned enters the timeline before 2026-Feb-08, plausibly that resurrects the theory.
But who knows, I'm not the crypto-hunter. Maybe you've seen crazier stuff!
by Kim_Bruning
2/19/2026 at 1:15:07 PM
https://basescan.org/token/0x3ed514d115c6ec0f1b3d48dfcb3878f...First timestamp: 2026-02-13 01:05:59 UTC
So that means it stays implausible for me as yet, from my personal perspective.
by Kim_Bruning
2/17/2026 at 10:03:54 PM
Blog post instead of video: https://pivot-to-ai.com/2026/02/16/the-obnoxious-github-open...by ChrisArchitect
2/18/2026 at 9:37:29 AM
author here, the video and post content are basically the samefull credit to Ariadne Conill for finding the crypto angle, that makes sense of the whole thing
by davidgerard
2/18/2026 at 1:52:07 PM
except she didn't find anything about 'bro', just that the bot is using crypto?by kang
2/19/2026 at 12:20:56 AM
you should probably read down the thread, and also find out who Ariadne Conill isby davidgerard
2/17/2026 at 8:30:18 PM
What an annoyingly condescending video with very little info. Obviously someone has to install the bot, how do we jump from that to determining whether they prompted the blogpost or not?by Skowt
2/17/2026 at 9:41:42 PM
My hunch is that the human was more likely hands off, but also could have nudged it in the background. They would have to be forthcoming about it and we would have to believe them.My custom agent went into an even worse place one time, which I have been unable to reproduce, so it's not surprising that one of these clawds did this autonomously.
The bot has also merged a PR from a human to its own blog now: https://crabby-rathbun.github.io/mjrathbun-website/blog/post...
by verdverm