Automate agent checkout on arbitrary e-commerce sites: decide what to automate vs hand back

Verified steps

1. Automate the pre-payment stages freely: product search, cart assembly, coupon application, and shipping address selection carry low financial risk and are reversible.
2. Before submitting payment, pause and present the full order summary (items, total, shipping, merchant name) to a human confirmation step — treat payment submission as a non-reversible action requiring explicit authorization unless the agent has a pre-approved budget for this merchant and amount.
3. If operating within a pre-approved budget: validate merchant domain against your allowlist, check the total against the per-transaction cap, confirm no 3DS challenge is expected for this card/merchant pair, then proceed.
4. For payment form submission, use a server-side tokenization flow where possible (e.g., if the merchant uses Stripe Elements or a known PSP, interact via API rather than DOM); direct DOM manipulation of payment fields is fragile and may violate PSP terms.
5. After order submission, capture the order confirmation number, receipt URL, and estimated delivery from the confirmation page; store these in your audit trail before the session ends.
6. If the checkout flow presents unexpected steps — CAPTCHA, phone verification, 2FA, or 3DS — immediately surface to the human rather than attempting to bypass; these signals exist to verify human presence.