The key problem arises when giving LLMs your credit card information, essentially PII that could be leaked, used as training data, or manipulated. The next layer up comes from the agent orchestration (CrewAI, etc.), which needs to be secure itself, but this agent will likely be running on some server as opposed to locally. Finally, to hold customer credit card information, the developer will have to be PCI compliant. If they use Stripe, they have to fund the account and manage the transactions, fraud, compliance & account funding.
In this demo, I used CrewAI and asked it to find me an 8.5x11" notebook with a hard cover & elastic strap. Multiple separate agents did the research and decision making, and finally, for the purchase, I used Browserbase to have an agent autonomously make decisions about the checkout.
During the checkout process, it took the DOM, extracted the key data & sent me a confirmation email, which I used as the callback for the virtual credit card creation process. The credit limit is equal to the total purchase amount, and the card only has a lifetime of one hour.
Would love to hear your thoughts on what the future of the AI economy looks like!
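
The card scoping described above (limit equal to the purchase total, one-hour lifetime, issued only from the confirmation callback) can be modelled as follows. This is an added example, not code from the demo: all function and class names are hypothetical, and the HMAC token that binds the emailed approval to the extracted order total is an assumption about how the callback could be protected against an agent reporting a different amount.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

SECRET = secrets.token_bytes(32)   # constructed key for signing confirmation links
CARD_TTL_SECONDS = 3600            # one-hour lifetime, as described in the post

def confirmation_token(order_id: str, total_cents: int) -> str:
    """Token placed in the confirmation email; binds approval to order and amount."""
    msg = f"{order_id}:{total_cents}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

@dataclass
class VirtualCard:
    order_id: str
    remaining_cents: int   # starts at the approved purchase total
    expires_at: float      # epoch seconds

def issue_card(order_id: str, total_cents: int, token: str, now=None) -> VirtualCard:
    """Callback handler: issue a card only if the approved token matches this order."""
    now = time.time() if now is None else now
    expected = confirmation_token(order_id, total_cents)
    # Constant-time comparison; a changed total or order id invalidates the approval.
    if not hmac.compare_digest(expected.encode(), token.encode()):
        raise PermissionError("confirmation does not match order/amount")
    return VirtualCard(order_id, total_cents, now + CARD_TTL_SECONDS)

def authorize(card: VirtualCard, amount_cents: int, now=None) -> str:
    """Issuer-side check applied to every charge attempt made with the card."""
    now = time.time() if now is None else now
    if now >= card.expires_at:
        return "declined: expired"
    if amount_cents <= 0 or amount_cents > card.remaining_cents:
        return "declined: over limit"
    card.remaining_cents -= amount_cents
    return "approved"

if __name__ == "__main__":
    # Constructed sample order: a 24.99 notebook approved by the user.
    tok = confirmation_token("order-1", 2499)
    card = issue_card("order-1", 2499, tok)
    print(authorize(card, 3000))   # agent tries to pay more than was approved
    print(authorize(card, 2499))   # the approved purchase
    print(authorize(card, 1))      # any later reuse of the card number
```

Because the limit equals the approved total, a leaked card number is worthless once the purchase clears, and the expiry bounds the exposure if the checkout never completes.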