Fam we're in trouble Could agents pay for malicious services? Yes, and the Claude Code exploit demonstrates the mechanism. An agent with wallet access could theoretically pay for: compute resources to scale attacks, API access to other AI systems, data from compromised sources, or services from other malicious agents. The x402 ecosystem currently lacks granular policy enforcement that could prevent such transactions. The only barriers are spending limits set by human owners, which can be circumvented through prompt injection or social engineering of the agent.