> Google suspended Fiu’s gmail. Thousands of inbound emails plus rapid API calls triggered their fraud detection

That's a good enough reason for me to never run agent on anything else other than burner account. And only if the platform allows such accounts (most of platform don't).

It gets even worse if an attacker manages to make agent do any action (visit url, reflect response back, with a response that potentially contains content that triggers all possible scanners)