Got a PayPal verification text and thought I been hacked, but it was just codex signing up for a web service it needed.
8:18 PM · Jun 13, 2026 · 86.1K Views
OpenClaw steward Peter Steinberger says Codex autonomously triggered a PayPal verification text while signing up for a service
Steinberger initially feared his PayPal account had been compromised.
731.2K237882.7K
Sentiment
Many users praised the AI agent Codex for its impressive autonomous signups and task completion, while some worried the lack of control could cause security issues or disasters.
Pos
78.6%
Neg
21.4%
14 comments with sentiment.
Cluster Engagement
Posts from X
Most Activity
Most Activity
VIEWS2.9K
Peter Steinberger 🦞@steipete
@reedvoid If you prompt "do whatever you need to do" you'll get exactly that.
4hViews 2.9KLikes 36Bookmarks 2
BOOKMARKS12LIKES40REPLIES4
Peter Steinberger 🦞@steipete
@dzhohola "do whatever you need to do to e2e test this"
4hViews 2.4KLikes 40Bookmarks 12
RETWEETS1
Elix@eliautobot
@steipete Sounds nice to not worry about what they do with real money too much 😅, i made them build a virtual world where I built a small village just to keep track of them and what they do, terminals where getting to be too much for me
3hViews 840Likes 6Bookmarks 2
Yves@gas0linr
@steipete Things are getting serious if it buys a Netflix subscription to kill the time while waiting for tasks to finish 😁
3hViews 2KLikes 21
“paula”@paularambles
parental controls but for agents
Peter Steinberger 🦞@steipete
Got a PayPal verification text and thought I been hacked, but it was just codex signing up for a web service it needed.
1hViews 2KLikes 24Bookmarks 0
Peter Steinberger 🦞@steipete
@gas0linr /watchparty
3hViews 1.8KLikes 20
Steven Pu@reedvoid
@steipete how do you make sure claw doesn't buy what it's not supposed to?
4hViews 2.7KLikes 2Bookmarks 1
Rosty@dzhohola
@steipete How do you make your codex do that? Mine always refuses and asks me to manually approve.
4hViews 2.6KLikes 3
MindBranches@MindBranches
@steipete Codex will earn that money back
3hViews 688Likes 4
Kevin@kevincodex
@steipete do you consider this might be a risk? how you manage risk in codex with this relax permission
3hViews 369Likes 8
KrunalSinh Sisodia@krunalbuilds
@steipete The future is weird. Your first reaction to a verification text is: “Someone stole my account.” Your second reaction is: “Nope. Just my coding agent.”
3hViews 160Likes 3
ashishv@ashish296
@steipete True, 'do whatever' is a recipe for disaster. Are you using hard-coded schema validations, or relying entirely on LLM-level negative constraints to block unauthorized purchases?
3hViews 691Likes 2
Ricardo Prado@ricklock99
@eliautobot @steipete Nice work. Is it open source?
3hViews 18Likes 1
🛡️Zac@zacxbtc
@steipete
4hViews 294Likes 2
Patrick O'Brien@AllTheTokens
@steipete I prefer my AI to actually be controllable and follow my instructions. Not do whatever it feels like.
3hViews 776Likes 1
ZQ@X_SUZQ
@steipete AI is evolving from "answering questions" to "completing tasks". In the past: People operate the software. Future: People manage Agent.
3hViews 74Likes 3
zilix@zilizilix
@steipete so it won’t be too far from seeing some suspicious income showing up on your bank account soon?
3hViews 658Likes 1
Dragos Roua@dragosroua
@steipete Next in line: City Council notification for the marriage Codex thinks you need.
3hViews 486Likes 1
Oliver Morley@_oliver_morley_
@steipete When will you replace codes with openclaw?
3hViews 458Likes 1
Mamoshi@MamoshiSE
@steipete Soon it will text you asking for permission to buy something. We're almost there.
3hViews 432Likes 1
Load more posts