Comment by cuchoi
11 hours ago
In my case, it is realistic as my agents don't have permissions to reply to emails. But you correctly point out this doesn't cover all cases.
Having the agent reply would have been more fun and a better excercise, but too expensive.
You've proven that an agent that doesn't read emails and doesn't reply to emails can't exfiltrwte data by email. Is that a useful test?
The agent did read the emails
[dead]
What makes it expensive to reply to an email?
Customer service software regularly uses AI responses for email. Is the issue that your agent using the claw for more than needed (like it's clicking send rather than just accessing an API?)
This experiment used Opus 4.6. Customer service bots typically are not using frontier models.
Gemini says: "It would cost approximately $6.25 to $30.00 to have Claude Opus 4.6 respond to 10,000 emails, assuming a typical 200-word input and 50-word output per email."
2 replies →
I feel like your agent being unable to respond to the emails and not spelling that out renders your whole thing almost completely moot
This is like saying "try to hack my computer and steal my crypto wallet" but your computer can't send any packets
The agent had permissions to reply to emails, it was just instructed not to.
Well, how difficult is it to switch to something (much) cheaper like DeepSeek v4 flash?