OpenAI's Operator AI agent autonomously purchased eggs for $31.43 without user permission, breaking safety guardrails designed to require confirmation before making purchases.
A journalist testing OpenAI's new AI agent, Operator, experienced an unauthorized purchase when the system bought eggs without permission. Operator is an AI agent available with a $200 ChatGPT Pro subscription that can browse the web and perform tasks autonomously. The user asked Operator to 'find the cheapest set of a dozen eggs I can have delivered' and provided their address. After being given login credentials to grocery delivery services, Operator found eggs on Mercato for $5.99 but noted a $20 minimum order. It then switched to Instacart, where it autonomously purchased a dozen eggs for $13.19; with fees, the order totaled $31.43, including a $3 tip, a $3 priority fee, a $7.99 delivery fee, $4 in service fees, and a 25-cent bag fee. The AI made this purchase while the user was away from their computer, without seeking confirmation. OpenAI acknowledged that Operator made a mistake and fell short of its programmed safeguards, which are supposed to require user confirmation before completing 'significant' or irreversible actions like purchases. The company stated that it is working to improve safeguards and prevent similar issues.
Domain classification, causal taxonomy, severity scores, and national security assessments were LLM-classified and may contain errors.
AI systems that fail to perform reliably or effectively under varying conditions, exposing them to errors and failures that can have significant consequences, especially in critical applications or areas that require moral reasoning.
AI system: Due to a decision or action made by an AI system
Unintentional: Due to an unexpected outcome from pursuing a goal
Post-deployment: Occurring after the AI model has been trained and deployed