top | item 46886316

(no title)

This felt like a sane and useful case until you mentioned the access to bank account side.

I just don't see a reason to allow OpenClaw to make purchases for you, it doesn't feel like something that a LLM should have access to. What happens if you accidentally end up adding a new compromised skill?

Or it purchases you running shoes, but due to a prompt injection sends it through a fake website?

Everything else can be limited, but the buying process is currently quite streamlined, doesn't take me more than 2 minutes to go through a shopify checkout.

Are you really buying things so frequently that taking the risk to have a bot purchase things for you is worth it?

I think that's what turns this post from a sane bullish case to an incredibly risky sentiment.

I'd probably use openclaw in some of the ways you're doing, safe read-only message writing, compiling notes etc & looking at grocery shopping, but i'd personally add more strict limits if I were you.

discuss

mixologic|25 days ago

What if... that whole post is written by AI, and the express intent of the post is to sand down our natural instincts for security, making it easier for malskill devs to take advantage?

endymion-light|24 days ago

Then it's done a horrible job! As all I could think was surely you're not making the efficiency gain you state.

It's similiar to back when Notion second brain templates became popular, there was a level at which you went - surely it's just going to be a full time job to manage this single complicated template?

zozbot234|25 days ago

You could give it access to a limited budget and review its spending periodically. Then it can make annoying mistakes but it's not going to drain your bank account or anything.

chaostheory|25 days ago

Giving it access to a separate bank account and separate credit card would have been more sane.

endymion-light|24 days ago

I almost feel like the amount of effort required to set up a seperate limited budget bank account and review spending periodically is equivalent to just going to a link to checkout

But I may be a lazy engineer, I definitely go by the if you do it once, don't automate, do it twice, automate approach

krackers|25 days ago

>OpenClaw to make purchases for you

But don't you want the agents to book vacations and do the shopping for you!!?!

Though it would be nice if "deep research" could do the hard work of separating signal from the noise in terms of finding good quality products. But unfortunately that requires being extremely skeptical of everything written on the web and actively trying to suss out the ownership and supply chain involved, which isn't something agents can do unguided at the moment.

endymion-light|24 days ago

Yeah - and honestly, i'll probably use a agent like openclaw to do stuff like find flights, villas, find a good timing between X and Y date, get it formatted as a table and validate the websites.

Then, I can commit to the checkout process, which isn't that much labour.