CaMeLs Can Use Computers Too: System-level Security for Computer Use Agents 事件

CaMeLs Can Use Computers Too: System-level Security for Computer Use Agents arXiv:2601.09923v3 Announce Type: replace Abstract: AI agents are vulnerable to prompt injection attacks, where malicious content hijacks agent behavior. Among proposed defenses, architectural isolation provides the strongest guarantees by strictly separating trusted task planning from untrusted environment observations. However, applying this design to Computer Use Agents (CUAs), which automate tasks by viewing screens