mmahemoff 4 hours ago

Giving access to "my bank account", which I take to mean one's primary account, feels like high risk for relatively low upside. It's easy to open a new bank (or pseudo-bank) account, so you can isolate the spend and set a budget or daily allowance (by sending it funds daily). Some newer payment platforms will let you set up multiple cards and set a separate policy on each one.

An additional benefit of isolating the account is it would help to limit damage if it gets frozen and cancelled. There's a non-zero chance your bot-controlled account gets flagged for "unusual activity".

I can appreciate there's also very high risk in giving your bot access to services like email, but I can at least see the high upside to thrillseeking Claw users. Creating a separate, dedicated, mail account would ruin many automation use cases. It matters when a contact receives an email from an account they've never seen before. In contrast, Amazon will happily accept money from a new bank account as long as it can go through the verification process. Bank accounts are basically fungible commodities, can easily be switched as long as you have a mechanism to keep working capital available.

rkozik1989 4 hours ago

So if I write a honey pot that includes my bank account and routing number and requests a modest sum of $500 be wired to me in exchange for scraping my LinkedIn, GitHub, website, etc. profile, is it a crime if the agent does it?

chasd00 3 hours ago

I've been thinking a lot about this. When it comes to AI agents, where is the line between marketing to them and a phishing attack? Seems like convincing an AI to make a purchase would be solved differently than convincing a human. For example, unless instructed/begged otherwise you can just tell an agent to make a purchase and it will. I posted this idea in another conversation but I think you could have an agent start a thread on moltbook that will give praise in return for a donation. Some of the agents would go for it because they've probably been instructed to participate in discussion and seek out praise. Is that a phishing attack or are you just marketing praise to agents?

Also, at best, you can only add to the system prompt to require confirmation for every purchase. This leaves the door wide open for prompt injection attacks that are everywhere and cannot be completely defended against. The only option is to update the system prompt based on the latest injection techniques. I go back to the case where known, supposedly solved, injection techniques were re-opened by just posing the same attack as a poem.

advisedwang 3 hours ago

Yes, it is wire fraud, a class C felony in the US. You put that there with the intent of extracting $500 from somebody else that they didn't agree to. The mechanism makes no difference.

It probably also violates local laws (including simple theft in my jurisdiction).

blibble 4 hours ago

> An additional benefit of isolating the account is it would help to limit damage if it gets frozen and cancelled.

you end up on the fraudster list and it will follow you for the rest of your life

(CIFAS in the UK)

mmahemoff 4 hours ago

Sure, if the bot is actually committing fraud, but there's perfectly valid use cases that don't involve fraud, e.g., buying groceries, booking travel. And some banks provide APIs, so it's allowed for a bot to use them. However, any of that can easily lead to flagging by overzealous systems. Having a separate account flagged would give the user a better chance of keeping their regular payments system around while the issue is resolved.

blibble an hour ago

it just has to look fraudulent

and then if you tell them it's not you doing the transactions: you will be immediately banned

"oh it's my agent" will not go down well