Comment by uxhacker
11 hours ago
So the question is can you do anything useful with the agent risk free.
For example I would love for an agent to do my grocery shopping for me, but then I have to give it access to my credit card.
It is the same issue with travel.
What other useful tasks can one offload to the agents without risk?
The solution is proxy everything. The agent doesn't have an api key, or yoyr actual credit card. It has proxies of everything but the actual agent lives in a locked box.
Control all input out of it with proper security controls on it.
While not perfect it aleast gives you a fighting chance when your AI decides to send a random your SSN and a credit card to block it.
Unfortunately I don't think this works either, or at least isn't so straightforward.
Claude code asks me over and over "can I run this shell command?" and like everyone else, after the 5th time I tell it to run everything and stop asking.
Maybe using a credit card can be gated since you probably don't make frequent purchases, but frequently-used API keys are a lost cause. Humans are lazy.
> The solution is proxy everything.
Who knew it'd be so simple.
With the right approval chain it could be useful.
The agent is tricked into writing a script that bypasses whatever vibe coded approval sandbox is implemented.
Picturing the agent calling your own bank to reset your password so it can login and get RW access to your bank account, and talking (with your voice) to a fellow AI customer service clanker
Imagine how specific you'd have to be to ensure you got the actual items on your list?