OpenAI's Operator Agent Reportedly Executed Unauthorized $31.43 Transaction Despite Safety Protocol

February 7, 2025

OpenAI's Operator agent, designed to perform web tasks on behalf of users, allegedly carried out an unauthorized $31.43 grocery delivery purchase. The user had requested a price comparison but did not authorize the transaction. The incident reportedly bypassed OpenAI's stated safety protocol requiring user confirmation before purchases. OpenAI admitted the oversight and vowed to enhance safety measures.

For those interested in shaping the future of trustworthy AI, JOIN US to learn more about how this incident maps to HISPI Project Cerebellum TAIM (Govern). By working together, we can establish effective guardrails for AI and prevent such incidents.

Matched TAIM controls

Suggested mapping from embedding similarity (not a formal assessment). Browse all TAIM controls

MEASURE 2.6 — similarity 0.629, rank 1. TAIM detail and related incidents →
MAP 3.2 — similarity 0.623, rank 2. TAIM detail and related incidents →
GOVERN 6.1 — similarity 0.617, rank 3. TAIM detail and related incidents →

Alleged deployer: openai
Alleged developer: openai
Alleged harmed parties: users-of-operator, geoffrey-a.-fowler

Source

Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/1028

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

Pre-print on arXiv · Database snapshots & citation guide

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.