I loaded $25 onto a virtual debit card. Gave it to my AI agent. Simple task: go online and buy me something I'd actually use.
Five hours. Four major Polish online stores. Zero completed purchases.
The agent chose the gift perfectly (a fidget slider, knows me well). The hard part was buying it.
What happened at each store:
- Allegro (Poland's biggest marketplace): Cloudflare detected the headless browser within milliseconds. Instant block.
- Amazon.pl: No guest checkout. Agent tried reading Apple Keychain credentials. Turns out even with root access, encryption is hardware-bound to the Secure Enclave. Wall.
- Empik (headless): Got to checkout, Cloudflare Turnstile killed it.
- Empik (real Safari via AppleScript): Browsed products, added to cart, filled shipping, selected delivery. Got 95% through. Then hit a cross-origin payment iframe. Same-origin policy means the agent literally cannot see inside it.
Every security layer that makes sense for stopping human fraud also blocks legitimate AI customers.
The solutions already exist. Shopify launched Agentic Storefronts (AI orders up 11x). Stripe has an Agentic Commerce Suite. Google and Shopify built UCP (Universal Commerce Protocol). But most stores haven't adopted any of it.
I built a free tool that scores any store on 12 AI readiness criteria. Most stores land in the C-D range. The gap between "we have an online store" and "AI agents can shop here" is massive.
Try it: https://wiz.jock.pl/experiments/ai-shopping-checker
Full writeup with all the technical details, the solutions, and what stores should do now: https://thoughts.jock.pl/p/ai-agent-shopping-experiment-real-money-2026
Newsletter on AI agents and practical automation: https://thoughts.jock.pl
Top comments (0)