OpenAI's Agent Has a Problem: Before It Does Anything Important, You Have to Double-Check It Hasn't Screwed Up
Jan 25, 2025 - futurism.com
OpenAI has introduced Operator, an agentic AI model designed to perform tasks on a user's computer, such as booking tickets and creating shopping lists. However, Operator requires user confirmation before executing significant actions, which limits its autonomy. Currently available in a limited preview for ChatGPT Pro subscribers at $200 per month, Operator uses a Computer-Using Agent model to interact with virtual environments by taking desktop screenshots. Despite its potential, users have reported issues with its speed and reliability, as well as concerns about privacy and security due to its need for constant desktop monitoring.
Operator's reliance on screenshots raises privacy concerns, as OpenAI retains chats and screenshots for up to 90 days, even after the user deletes them. Additionally, the AI's ability to browse the web exposes it to potential security threats, such as prompt injections that could alter its behavior. While safety measures are in place, the AI's current limitations and the need for user supervision call its practicality and trustworthiness into question.
Key takeaways:
Operator is OpenAI's new agentic AI model designed to perform tasks like booking tickets and creating shopping lists, but it requires user confirmation for significant actions.
The AI model uses a Computer-Using Agent to interact with its environment by taking screenshots, but it is currently slow and often requires user intervention.
Operator's reliance on constant desktop screenshots raises privacy concerns, as OpenAI stores chats and screenshots for up to 90 days.
The AI's ability to browse the web exposes it to potential risks like prompt injections, which could lead to unintended actions.