Having to manually register new domains was something that was really holding back my ability to commit fraud. Now that large language models and agents can do this for me, that will really speed up my ability to defraud the innocent and elderly.
Curious, is there an Andreesen Horowitz Agent MCP?
Let’s automate this end to end, from idea to raising capitals. Vibe Angels should just be multi agents managing how much capitals to allocate to each projects.
That is ironic. Four years ago, cloudflare didn’t let human me have an account / buy domains because I signed up, never used a single service but didn’t respond to a request to verify my drivers license
> This account is in violation of Cloudflare's Terms of Service. Specifically fraud. The suspension is permanent.
(Yes that’s really it. Sincerely. No “but I also abused X”)
This conflict is popping up everywhere. There is a push by a lot of companies to allow agentic use of their services (and new companies explicitly offering "X for agents"), ignoring the fact that "agent" means the same thing as "bot" which we've spent the last couple of decades actively filtering out. Will be interesting to see how it plays out.
> By agreeing to these Terms, you represent and warrant to us: (i) that you have not previously been suspended or removed from the Websites and Online Services
CloudFlare ToS has you covered. A human must accept it, even with the new agentic flow.
Earlier, I was using Zoho and FastMail (however you dice it, it will use some money, $12 a year for Zoho and $7 per month for FastMail? Even then, perhaps you only get one mailbox and some aliases)
but with this method, I get unlimited aliases, domains, and mailboxes:
Now, I wrote a script which captures the email and saves attachments to S3 using the HTTP API (why S3 and not R2? Because Cloudflare wanted a credit card, and I was too lazy to add it there lol) and emails to D1.
This uses an email -> webworker workflow.
I use an API to fetch my emails.
This means all my inbound emails are now handled by Cloudflare, and I can easily use all of it with zero payment.
The best part is this supports tokenised emails, so I can provide a unique email address to each service I sign up for.
I am using SES as the sender. I’ve set up one script which auto-sets up any domain in SES and auto-verifies the sender email.
The funniest thing is I am receiving zero spam? As if other email providers sell my email?
And CloudFlare engineers sleep comfily at night knowing that they just produced 800 lbs of carbon emissions to generate a static "Hello World" HTML page.
I see the amount of work that gets put into these workflows and it boggles my mind that anyone thinks that it's faster or easier or more convinient or more cost efffective than installing a LAMP stack on one of the 6 laptops they have stuffed in a closet. God forbid anyone have any native local capability.
But they paid for the emission just like every other electricity consumer? Then who are we to determine the Hello World page is morally more wasteful than outdoor terrace heaters or advertising jumbo-trons?
The agent start a phone call, listens to the person on the line, analyzes which fraud bucket they fall into, and start the process.
While they are on the phone with the agent, it buys a domain relevant to the victim, the agent codes and deploy the website specially catered to them and the fraud bucket. Collect payment, destroy the website, redirect the domain to google.com. no need to start a new call because you had several agents committing the same fraud in parallel.
Most of the sysadmin and devops team have been downsized in India because of AI.
Basically, now it's trivial for any new devops guy to run such a query in Claude Code:
“Log in to this production server, find out all services it runs and their deployment method, create documentation about everything, and generate a repeatable, auditable deployment workflow.”
Devops and sysadmins can no longer withhold information to maintain job security.
Boom, 80% of the team gone.
I know companies are doing migrations of production Postgres and MySQL on 1000s of machines using AI agents.
I’m imagining how many SaaS will be automated out and simply be an "agent skill" in ClaudeCode.
> Devops and sysadmins can no longer withhold information to maintain job security.
I can't imagine this is very prevalent. That's a very 2004-style corporate immaturity; I get the sense that even the slow-moving behemoths of the software world have mostly caught up to, say ... 2017's recognition of the importance of automation and reproducibility and won't tolerate the kind of malpractice you describe--wilful information siloing by infrastructure teams.
Like, those businesses might well suck at automation! But they've been doing it and firing the people who resist it for a long while now.
Only downsized? I would expect them to cease to exist entirely in the coming years, as western companies begin to realize that AI is cheaper and more competent than the Indian firms they usually outsource work to.
I was pleasantly surprised when I read the headline a few days ago. But it's only accessible through Stripe right? I'm simultanenously very concerned about the centralized control that Stripe gains (it's not going to be just access to Cloudflare) and also amazed at how Stripe is shaping to be. It was just a payment processor.
why does cloudflare not allow existing users to create new accounts? you basically need to use a burner email and transfer it afterward. makes it awkward to use this on new projects that you want independent of your existing accounts.
Claude has been buying domains and deploying to Vercel for me using aws cli, vercel cli, and gh cli since December. Personally I prefer a cli to an MCP server for this type of thing.
As a user of the internet I can only imagine this worsening my experience by allowing even more slop to permeate the network's every orifice.
Also, when an agent sets up a domain, who is the domain owner? Who responds to takedown requests? What if it then decides to host illegal content at the domain (generated or otherwise). Who is responsible? Agents aren't (yet) legal persons, so it must be the person who owns the agent, but if that person never even sees the legal agreement being agreed to how would it hold up in court? If the person didn't direct the creation or hosting of illegal content, what then?
Humans will not win in court with a "but the agent did it, I had no idea" argument. Just look at how the cases against OAI are going, and that's where families lose a loved one. There's not going to be any sympathy when your agent committed fraud on your behalf.
And it's not like pro agent companies have a reason to self regulate. They're not going to absorb that liability voluntarily, they'll push it onto users contractually (most of them already do). This is just another channel to bring in customers. They will capitalize ruthlessly to increase their bottom line.
Interesting questions you bring up. Especially the legal ramifications as to how it would fully work within current legal framework.
I suppose there would be a broad disclaimer and agreement one would have to agree to that would state that users of the service are ultimately responsible to monitor and ensure websites deployed by agents comply with local laws.
Ultimately I assume that since it is not the agent who pays but a registered user that the user would own the site. And that the legal agreement would be agreed to beforehand so it is legally binding.
Fascinating. This is through Stripe rather than wrangler or anything. Coding agents were pretty good at handling the Cloudflare API already with an API key, but I think this thing that Stripe is doing by being the central hub through which all agent stuff goes by integrating with their CLI is a pretty good move for them.
Let’s automate this end to end, from idea to raising capitals. Vibe Angels should just be multi agents managing how much capitals to allocate to each projects.
> This account is in violation of Cloudflare's Terms of Service. Specifically fraud. The suspension is permanent.
(Yes that’s really it. Sincerely. No “but I also abused X”)
CloudFlare ToS has you covered. A human must accept it, even with the new agentic flow.
You can have a zero-cost inbox.
Earlier, I was using Zoho and FastMail (however you dice it, it will use some money, $12 a year for Zoho and $7 per month for FastMail? Even then, perhaps you only get one mailbox and some aliases)
but with this method, I get unlimited aliases, domains, and mailboxes:
Now, I wrote a script which captures the email and saves attachments to S3 using the HTTP API (why S3 and not R2? Because Cloudflare wanted a credit card, and I was too lazy to add it there lol) and emails to D1.
This uses an email -> webworker workflow.
I use an API to fetch my emails.
This means all my inbound emails are now handled by Cloudflare, and I can easily use all of it with zero payment.
The best part is this supports tokenised emails, so I can provide a unique email address to each service I sign up for.
I am using SES as the sender. I’ve set up one script which auto-sets up any domain in SES and auto-verifies the sender email.
The funniest thing is I am receiving zero spam? As if other email providers sell my email?
I see the amount of work that gets put into these workflows and it boggles my mind that anyone thinks that it's faster or easier or more convinient or more cost efffective than installing a LAMP stack on one of the 6 laptops they have stuffed in a closet. God forbid anyone have any native local capability.
While they are on the phone with the agent, it buys a domain relevant to the victim, the agent codes and deploy the website specially catered to them and the fraud bucket. Collect payment, destroy the website, redirect the domain to google.com. no need to start a new call because you had several agents committing the same fraud in parallel.
It can also be used to make art.
Basically, now it's trivial for any new devops guy to run such a query in Claude Code:
“Log in to this production server, find out all services it runs and their deployment method, create documentation about everything, and generate a repeatable, auditable deployment workflow.”
Devops and sysadmins can no longer withhold information to maintain job security.
Boom, 80% of the team gone.
I know companies are doing migrations of production Postgres and MySQL on 1000s of machines using AI agents.
I’m imagining how many SaaS will be automated out and simply be an "agent skill" in ClaudeCode.
I can't imagine this is very prevalent. That's a very 2004-style corporate immaturity; I get the sense that even the slow-moving behemoths of the software world have mostly caught up to, say ... 2017's recognition of the importance of automation and reproducibility and won't tolerate the kind of malpractice you describe--wilful information siloing by infrastructure teams.
Like, those businesses might well suck at automation! But they've been doing it and firing the people who resist it for a long while now.
But jokes aside having a central place to manage billing and accounts for deploying infra across multiple providers is pretty awesome imo.
if they have a terraform provider even better. I wonder if also makes multi tenant architectures or environment isolation easier to provision as well.
The agent does everything. “Make a website that does…“ and it can handle everything from start to finish. It’s that good now.
Also, when an agent sets up a domain, who is the domain owner? Who responds to takedown requests? What if it then decides to host illegal content at the domain (generated or otherwise). Who is responsible? Agents aren't (yet) legal persons, so it must be the person who owns the agent, but if that person never even sees the legal agreement being agreed to how would it hold up in court? If the person didn't direct the creation or hosting of illegal content, what then?
And it's not like pro agent companies have a reason to self regulate. They're not going to absorb that liability voluntarily, they'll push it onto users contractually (most of them already do). This is just another channel to bring in customers. They will capitalize ruthlessly to increase their bottom line.
Good thing the fraud is committed in places that specifically don't prosecute fraud when it's targeted against Western countries.
Soft scammers, fraudsters and defamers are celebrating in copying websites for malicious intent.
For sure this is going to get abused.
This looks interesting nonetheless.
Why didn't Amazon think of that?
good luck