[vishnuharidas]

Okay, I am NEVER letting an agent make payment autonomously. If there's a payment that has to be made, tell me, I will do that myself.

[benced]

This isn't incompatible with the agent placing the purchase. I already let Claude Code do _most_ of what it wants but make it ask permission before sending a message on Slack. An LLM having the capability to do X is not incompatible with it being deterministically forced to seek permission to do X.

[throwaway290]

If you are letting an llm to browse around in your browser and stuff you ARE letting it spend your money.