
endymion-light, today at 2:36 PM

This felt like a sane and useful case until you mentioned the access to bank account side.

I just don't see a reason to allow OpenClaw to make purchases for you; it doesn't feel like something that an LLM should have access to. What happens if you accidentally end up adding a new compromised skill?

Or it purchases you running shoes, but due to a prompt injection sends it through a fake website?

Everything else can be limited, but the buying process is currently quite streamlined; it doesn't take me more than 2 minutes to go through a Shopify checkout.

Are you really buying things so frequently that taking the risk to have a bot purchase things for you is worth it?

I think that's what turns this post from a sane bullish case to an incredibly risky sentiment.

I'd probably use OpenClaw in some of the ways you're doing, safe read-only message writing, compiling notes etc. & looking at grocery shopping, but I'd personally add more strict limits if I were you.


Replies

mixologic, today at 8:08 PM

What if... that whole post is written by AI, and the express intent of the post is to sand down our natural instincts for security, making it easier for malskill devs to take advantage?

zozbot234, today at 2:39 PM

You could give it access to a limited budget and review its spending periodically. Then it can make annoying mistakes but it's not going to drain your bank account or anything.
