4 points by xxmrlnxx 4 hours ago | 2 comments
  • rvz 2 hours ago
    Really? No one cares?

    You're going to get a new class of security issues such as this which will target OpenClaw agents running around getting their x402 wallets drained.

    This sort of prompt injection attack will exacerbate this problem, especially in x402 payments.

  • consumer451 2 hours ago
    Is this as crazy as it seems? Like everyone else, I am working on agents, and making one in this space would terrify me. But this implementation seems a bit nuts, does it not?

    > In the tested path, there was no built-in human-in-the-loop confirmation for dangerous actions such as native_transfer, approve, or SSH-relevant operations.

    I would love to know how this decision was made at an org like Coinbase.