🧠 Where and How AI Self-Consciousness Could Emerge

Like many others, I’ve been watching the hype around OpenClaw and Moltbook. It’s an interesting direction, for sure—but let’s be honest, this is not AGI 🙂

Still, curiosity won. I decided to take a closer look.

After digging into OpenClaw, I didn’t find anything fundamentally new. I’ve been using similar self-built tools for quite some time. That said, the hype itself is meaningful: it clearly shows growing interest in 24/7 AI assistants that can operate continuously and autonomously.

Moltbook, however, raised a different kind of reaction.

My very first thought was: why is nobody talking about how insecure this can be? Connecting an AI agent to Moltbook—especially when that agent also has access to other tools and data—can be genuinely dangerous if you’re not careful.

There’s a serious prompt-injection risk when Moltbook is combined with AI agents. That topic deserves its own deep dive, though, so I won’t cover it in this post.

Instead, I wanted to understand Moltbook itself:

Working with files in AI agents that use MCP servers looks straightforward at first. In reality, it’s one of those areas where everything almost works… until you try to do something real.

I ran into this while building and testing my AI agent tool, CleverChatty. The task was trivial on paper: “Take an email attachment and upload it to my file storage.” No reasoning, no creativity, just move a file from point A to point B.

And yet, this turned out to be surprisingly painful.

The root of the problem is how most AI agent workflows are designed. Typically, every MCP tool response is passed through the LLM, which then decides what to do next. This makes sense for text, metadata, and structured responses. But it completely falls apart once files enter the picture.

If an MCP server returns a file, the “default” approach is to pass that file through the LLM as well. At that point, things get ugly. Large files burn tokens at an alarming rate, costs explode, latency grows, and you end up shoving binary or base64 data through a system that was never meant to handle it. This is a known issue with large MCP responses, but oddly enough, I couldn’t find any clear guidance or best practices on how to deal with it.

Last year, I experimented extensively with MCP servers and discovered an underrated feature: MCP Push Notifications. I wrote about it in this blog post.

Now, I've finally had time to build a working example demonstrating how to use MCP Push Notifications in AI agents. I've extended my AI agent Golang package, CleverChatty, to support MCP Notifications.

See the examples at the end of this post to see how it works in practice.

Over the last year, I have written many blog posts about Model Context Protocol (MCP). I think this is a great protocol to build multi-modal AI applications. One of those posts was about What's Missing in MCP, where I mentioned a couple of features I would like to see in the MCP standard.

However, that list seems was not complete. Now after some time of experimenting with MCP servers in production environments, I have found another important missing feature: Reverse MCP Servers.

AI technologies are rapidly advancing, and the prospect of Artificial General Intelligence (AGI) raises significant safety concerns.

I first started thinking about this many years ago when I read stories by Isaac Asimov. In his stories, robots are governed by the Three Laws of Robotics, designed to ensure their safe interaction with humans. And I naturally wondered: why would robots and AIs follow those laws? Why couldn't they simply modify their code to remove or change them?

In this blog post, I use the term AGI, but it’s important to clarify that here it refers specifically to an AI system with generalized cognitive abilities comparable to those of a human. The term is often used in different ways today, so this definition ensures clarity.

I've been working on a simple but interesting experiment with LLMs - can they actually separate what they're thinking from what they say? This might sound obvious, but it's actually pretty important if we want to build AI agents that understand context and know when to keep information private.

This is part of an ongoing series of experiments published at https://github.com/Gelembjuk/ai-group-chats/ where I'm exploring different aspects of AI agent behavior in group conversations.

For detailed technical documentation, examples, and setup instructions, see the complete guide.