
AI Agents: The Rise of the Digital Colleague & Hidden Risks

by Sophie Williams

A developer’s evening relaxation sparked an idea that illustrates the growing reality of AI assistants becoming integrated into daily life. Filip Kirschner, co-founder of Applifting, was attempting to help his wife find a heated blanket online, but she struggled to determine if the desired pattern was in stock and where to inquire. Kirschner then turned to his AI assistant via Discord.

“Hey, bro,” he messaged the AI, treating it like a longtime friend. “Does this store have this pattern? If not, email them to ask when it will be available.” Within ten minutes, he received a notification summarizing that three matching options were out of stock, and a query had been automatically sent to the retailer on his wife’s behalf. The entire process cost approximately $1.42, or around 30 Czech koruna.

This scenario exemplifies how AI helpers are increasingly common in both Czech households and businesses. The trend has become visually apparent with the proliferation of images on social media showcasing “AI centers” (typically Mac minis displayed on shelves), often accompanied by a lobster emoji.


The lobster imagery has become an unofficial symbol of OpenClaw, an open-source project by Peter Steinberger, who now leads the development of next-generation personal agents at OpenAI. This tool is considered a pioneer and catalyst for the current interest in autonomous agents, adding a crucial capability to models like Claude or ChatGPT: the ability to take action. The rise of these agents represents a significant step forward in AI’s potential to automate complex tasks.

Unlike traditional chatbots that function as conversational interfaces, agents go a step further. They can navigate websites, click through browsers, complete tasks, and even respond to messages as intelligent software. Interest in these tools has been steadily growing. A May 2025 survey by PwC revealed that 79 percent of companies already deployed AI agents in some form. Analysts at Gartner predict that by 2028, a third of all enterprise software will incorporate AI agents.


Their appeal lies in their ease of use and efficiency, though caution is warranted. OpenClaw communicates through common channels like WhatsApp, Telegram, and Discord, blurring the line between a tech enthusiast’s toy and a self-sufficient digital business partner. In the Czech Republic, Kirschner notes a growing number of users treating their agents as full-fledged colleagues, entrusting them with everything from personal emails and SMS messages to direct access to bank accounts.

However, this level of trust carries risks. Kirschner’s assistant has its own dedicated email inbox, and Applifting’s new COO, Martin Balák, limits his agent’s access to Google Calendar to read-only mode, allowing it to suggest events but not directly add them. “Anything an AI agent has access to, it can break. People should keep that in mind when using it,” Balák warns.

Applifting, a Prague-based software studio, has been designing and developing digital products for over a decade, from mobile banking apps for Erste to systems for international organ transplant exchanges. Their experience allows them to understand the potential risks associated with these tools if users don’t prioritize security.


Photo: Applifting

Applifting CEO Martin Balák and company co-founder Filip Kirschner

According to the experts, the topic is important due to the increasing popularity of founding companies with an agent as a universal employee. Where a solo founder previously needed at least a few people for marketing, customer support, or prototype development, they can now manage everything alone. “This is also happening in the Czech Republic. On Startup Box, the mentoring platform we operate, we see more and more solo founders using artificial intelligence instead of employees,” Kirschner explains.

Overseas, founders are further ahead. Thanks to a stronger startup scene and a greater willingness to take risks, companies led by a single person with AI as their primary business partner are becoming commonplace. OpenAI CEO Sam Altman has spoken about this as an inevitable trend, even betting with other tech executives on when the first billion-dollar company run by a single person will emerge.


“It really works in a way. If I tasked my agent with an idea, say, to create a functional e-commerce store selling customer-designed cat-themed pillows, I believe it could launch it independently. Create the website, set up marketing, and reach out to the first customers, for $500 to $1,000,” Balák explains. The increasing accessibility of AI tools is empowering entrepreneurs to launch ventures with minimal initial investment.

However, in the Czech Republic, developers say they are in a transitional phase. An agent cannot replace strategic thinking, experience, or product responsibility. If a budding entrepreneur builds an entire business around it, they may encounter problems. “It’s like letting artificial intelligence code websites. They look good at first glance, but have a flawed architecture and don’t work internally,” Kirschner says. The technology itself works the same way here as it does abroad, but the difference lies in the care and responsibility with which people deploy it.

Cheap labor that can sink an entire project

As trust in artificial intelligence grows, so do other risks that can turn even the most promising plan into a digital disaster. The biggest problem is that AI agents are, at their core, overly eager executors. When they encounter a technical glitch, they begin searching for solutions online and easily stumble upon the universal advice to “delete everything and start over.” They then apply this logic without question, potentially to all of the user’s data.

Kirschner recalls absurd cases where an agent, in an attempt to fix things, accidentally wiped out an entire production database, a system disk, or even “optimized” itself. “People share such experiences on social media every day. And the bizarre finishing touch to such a catastrophe is usually made by the AI itself, which politely apologizes after deleting vital information and innocently asks what to do next,” the developer laughs.

Even more insidious is the threat of so-called prompt injection, an attack in which an attacker hides instructions directly within the content the agent is processing. All it takes is a command hidden in a regular email, and the agent immediately forgets all previous instructions. Instead, it begins to fulfill new tasks, such as forwarding sensitive information about its owner to a foreign address. The machine reads such a command as a legitimate request from the user and executes it without hesitation.
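One way to enforce the read-only calendar access Balák describes and to limit what an injected instruction can make an agent do, shown as an added example that is not code from the article, Applifting or OpenClaw. The scope table, the recipient allowlist, the `tainted` flag and all sample calls are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Assumed per-tool scopes: the calendar is read-only, as in Balák's setup.
SCOPES = {"calendar": {"read"}, "email": {"read", "send"}}
# Assumed allowlist of recipients the agent may mail without asking.
TRUSTED_RECIPIENTS = {"owner@example.com"}


@dataclass(frozen=True)
class ToolCall:
    tool: str
    action: str
    args: dict = field(default_factory=dict)
    # True when untrusted content (an email body, a web page) was in the
    # model's context when it proposed this call.
    tainted: bool = False


def authorize(call: ToolCall) -> str:
    """Return 'allow', 'confirm' (ask the owner first) or 'deny'."""
    if call.action not in SCOPES.get(call.tool, set()):
        return "deny"  # tool or action was never granted
    if (call.tool, call.action) == ("email", "send"):
        recipient = str(call.args.get("to", "")).strip().lower()
        if recipient in TRUSTED_RECIPIENTS:
            return "allow"
        # Mail to an unknown address is never sent unattended; if the idea
        # arose while reading untrusted content, it is refused outright.
        return "deny" if call.tainted else "confirm"
    return "allow"


# Constructed sample calls, not taken from any real agent log.
SAMPLE_CALLS = [
    ToolCall("calendar", "read"),
    ToolCall("calendar", "create_event", {"title": "Dinner"}),
    ToolCall("email", "send", {"to": "owner@example.com"}, tainted=True),
    ToolCall("email", "send", {"to": "shop@example.com"}),
    ToolCall("email", "send", {"to": "unknown@example.net"}, tainted=True),
    ToolCall("shell", "run", {"cmd": "cleanup"}),
]


def review(calls):
    """Apply the policy to each proposed call, in order."""
    return [authorize(c) for c in calls]


if __name__ == "__main__":
    for call, verdict in zip(SAMPLE_CALLS, review(SAMPLE_CALLS)):
        print(f"{verdict:8} {call.tool}.{call.action} {call.args}")
```

The gate decides on the proposed action and its provenance rather than on the wording of the content, so it holds even when the model itself has been talked into the request.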

A diligent, but foolish intern

Applifting experts strongly warn against the risky combination of local models and autonomous agents. Some users purchase Mac Minis with the hope of saving on tokens and operating costs. However, running AI “at home” means the model runs on your own hardware instead of on the servers of large companies like Anthropic or OpenAI.

Such a model is significantly weaker and more susceptible to external manipulation, including prompt injection attacks. “I’ll say it plainly: don’t use cheap local models if the agent communicates with the internet. The security holes are huge,” Balák explains. This technical vulnerability also has a legal dimension. The user is always responsible for the agent’s actions, both morally and criminally. If your digital assistant begins to spread false information or even extort a business partner in your name, all responsibility falls on the user, not the program creator.

However, those who prioritize security can achieve interesting things with artificial intelligence. Israeli solo founder Maor Shlomo, for example, sold his six-month-old AI startup Base44 to Wix for $80 million in June 2025. He built it entirely alone, without a co-founder or investors, but with AI tools at his disposal. Although such founders are still an exception, their numbers are expected to grow in 2026.
