Why am I not surprised!?
"Nothing humbles you like telling your OpenClaw 'confirm before acting' and watching it speedrun deleting your inbox. I couldn't stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb."
Kudos to Summer Yue for telling her story. What surprised me the most is not the loss of emails due to an agent getting confused — context compaction, instruction dilution in long context, accidental (or not) prompt injection via emails, or many other factors could contribute to this sort of outcome.
What worries me the most are the comments from people who are surprised this happened. And that's someone who understood the potential risks, but underestimated them.
Please, be even more prudent:
-
Don't gamble with money you can't afford to lose.
-
Don't give free rein to AI Agents on data/systems you can't afford to lose.