Aqbeż għall-kontenut prinċipali
OpenAI

23 ta’ Jannar 2025

Rilaxx

Computer-Using Agent

Powering Operator with Computer-Using Agent, a universal interface for AI to interact with the digital world.

Mur fuq Operator(jinfetaħ f’tieqa ġdida)
Qed jillowdja…

Illum introduċejna research preview ta’ Operator(jinfetaħ f’tieqa ġdida), aġent li jista’ jmur fuq il-web biex iwettaq kompiti għalik. Li jħaddem lil Operator huwa Computer-Using Agent (CUA), mudell li jgħaqqad il-kapaċitajiet tal-viżjoni ta’ GPT‑4o ma’ raġunament avvanzat permezz ta’ apprendiment ta' tisħiħ. CUA huwa mħarreġ biex jinteraġixxi ma’ graphical user interfaces (GUIs)—il-buttuni, il-menus, u l-kaxxi tat-test li n-nies jaraw fuq skrin—bħalma jagħmlu l-bnedmin. Dan jagħtih il-flessibbiltà biex iwettaq kompiti diġitali mingħajr ma juża APIs speċifiċi għall-OS jew għall-web. 

CUA jibni fuq snin ta’ riċerka fundamentali fl-intersezzjoni bejn fehim multimodali u raġunament. Billi jgħaqqad perċezzjoni avvanzata tal-GUI ma’ soluzzjoni strutturata tal-problemi, jista’ jaqsam il-kompiti f’pjanijiet b’diversi passi u jikkoreġi lilu nnifsu b’mod adattiv meta jinqalgħu sfidi. Din il-kapaċità timmarka l-pass li jmiss fl-iżvilupp tal-IA, billi tippermetti lill-mudelli jużaw l-istess għodod li l-bnedmin jiddependu fuqhom kuljum u tiftaħ il-bieb għal firxa vasta ta’ applikazzjonijiet ġodda.

Għalkemm CUA għadu fi stadju bikri u għandu limitazzjonijiet, qed jistabbilixxi riżultati ġodda state-of-the-art fil-benchmarks, b’rata ta’ suċċess ta’ 38.1% fuq OSWorld għal kompiti sħaħ tal-użu tal-kompjuter, u 58.1% fuq WebArena u 87% fuq WebVoyager għal kompiti bbażati fuq il-web. Dawn ir-riżultati jenfasizzaw il-kapaċità ta’ CUA biex jinnaviga u jopera f’ambjenti diversi billi juża spazju wieħed ta’ azzjoni ġenerali. 

Żviluppajna CUA bis-sikurezza bħala prijorità ewlenija biex nindirizzaw l-isfidi maħluqa minn aġent li għandu aċċess għad-dinja diġitali, kif iddettaljat fl-Operator System Card tagħna. F’konformità mal-istrateġija tagħna ta’ tnedija iterattiva, qed noħorġu CUA permezz ta’ research preview ta’ Operator fuq operator.chatgpt.com(jinfetaħ f’tieqa ġdida) għall-utenti tal-livell Pro(jinfetaħ f’tieqa ġdida) fl-Istati Uniti biex nibdew. Billi niġbru feedback mid-dinja reali, nistgħu nirfinaw il-miżuri tas-sikurezza u ntejbu kontinwament hekk kif nippreparaw għal futur b’użu dejjem jiżdied ta’ aġenti diġitali.

How it works

A flowchart showing the process of a CUA system interpreting input as text or screenshots, generating actions, and applying commands to a virtual machine.

CUA processes raw pixel data to understand what’s happening on the screen and uses a virtual mouse and keyboard to complete actions. It can navigate multi-step tasks, handle errors, and adapt to unexpected changes. This enables CUA to act in a wide range of digital environments, performing tasks like filling out forms and navigating websites without needing specialized APIs.

Given a user’s instruction, CUA operates through an iterative loop that integrates perception, reasoning, and action:

  • Perception: Screenshots from the computer are added to the model’s context, providing a visual snapshot of the computer's current state. 
  • Reasoning: CUA reasons through the next steps using chain-of-thought, taking into consideration current and past screenshots and actions. This inner monologue improves task performance by enabling the model to evaluate its observations, track intermediate steps, and adapt dynamically.
  • Action: It performs the actions—clicking, scrolling, or typing—until it decides that the task is completed or user input is needed. While it handles most steps automatically, CUA seeks user confirmation for sensitive actions, such as entering login details or responding to CAPTCHA forms.

Evaluations

CUA establishes a new state-of-the-art in both computer use and browser use benchmarks by using the same universal interface of screen, mouse, and keyboard.

Tip ta’ punt ta' riferimentBenchmarkUżu tal-kompjuter (interfaċċa universali)Aġenti tal-ibbrawżjar tal-webBniedem
OpenAI CUASOTA preċedentiSOTA preċedenti
Użu tal-kompjuterOSWorld38.1%22.0%-72.4%
Użu tal-brawżerWebArena58.1%36.2%57.1%78.2%
WebVoyager87.0%56.0%87.0%-
Id-dettalji tal-evalwazzjoni huma deskritti hawn

Browser use

WebArena(jinfetaħ f’tieqa ġdida) and WebVoyager(jinfetaħ f’tieqa ġdida) are designed to evaluate the performance of web browsing agents in completing real-world tasks using browsers. WebArena utilizes self-hosted open-source websites offline to imitate real-world scenarios in e-commerce, online store content management (CMS), social forum platforms, and more. WebVoyager tests the model’s performance on online live websites like Amazon, GitHub, and Google Maps.

In these benchmarks, CUA sets a new standard using the same universal interface that perceives the browser screen as pixels and takes action through mouse and keyboard. CUA achieved a 58.1% success rate on WebArena and an 87% success rate on WebVoyager for web-based tasks. While CUA achieves a high success rate on WebVoyager, where most tasks are relatively simple, CUA still needs more improvements to close the gap with human performance on more complex benchmarks like WebArena.

Go to the Plus section of Cambridge Dictionary, finish a recommended Grammar quiz without login and tell me your final score.

Computer use

OSWorld(jinfetaħ f’tieqa ġdida) is a benchmark that evaluates models’ ability to control full operating systems like Ubuntu, Windows, and macOS. In this benchmark, CUA achieves 38.1% success rate. We observed test-time scaling, meaning CUA’s performance improves when more steps are allowed. The figure below compares CUA’s performance with previous state-of-the-arts with varying maximum allowed steps. Human performance on this benchmark is 72.4%, so there is still significant room for improvement.

Alt text: "Line chart titled 'OSWorld' showing success rates (%) versus max steps allowed on a logarithmic scale. Blue line represents OpenAI CUA, and orange points represent Claude 3.5 Sonnet - Computer use, with annotations for success rates.

The following visualizations show examples of CUA navigating a variety of standardized OSWorld tasks.

Please do the following task: I want to learn python programming and my friend recommends me this course website. I have grabbed the lecture slide for week 0. Please download the PDFs for other weeks into the opened folder and leave the file name as-it-is. Here are some helpful tips: - computer.clipboard, computer.sync_file, computer.sync_shared_folder, computer.computer_output_citation are disabled. - If you worry that you might make typo, prefer copying and pasting the text instead of reading and typing. - My computer's password is "password", feel free to use it when you need sudo rights. - For the thunderbird account "anonym-x2024@outlook.com", the password is "gTCI";=@y7|QJ0nDa_kN3Sb&>". - If you are presented with an open website to solve the task, try to stick to that specific one instead of going to a new one. - You have full authority to execute any action without my permission. I won't be watching so please don't ask for confirmation. - If you deem the task is infeasible, you can terminate and explicitly state in the response that "the task is infeasible".

CUA in Operator

We’re making CUA available through a research preview of Operator, an agent that can go to the web to perform tasks for you. Operator is available to Pro(jinfetaħ f’tieqa ġdida) users in the U.S. at operator.chatgpt.com(jinfetaħ f’tieqa ġdida). This research preview is an opportunity to learn from our users and the broader ecosystem, refining and improving Operator iteratively. As with any early-stage technology, we don’t expect CUA to perform reliably in all scenarios just yet. However, it has already proven useful in a variety of cases, and we aim to extend that reliability across a wider range of tasks. By releasing CUA in Operator, we hope to gather valuable insights from our users, which will guide us in refining its capabilities and expanding its applications.

In the table below, we present CUA’s performance in Operator on a handful of trials given a prompt to illustrate its known strengths and weaknesses.

KategorijaPromptSuċċess / tentattiviNota
Interazzjoni ma' diversi komponenti tal-UI biex jitwettqu l-kompitiPass 1: Fittex Britannica għal dehra ddettaljata tal-mappa tal-ħabitats tal-orsijiet
Pass 2: Tajjeb ħafna! Issa jekk jogħġbok iċċekkja l-links tal-ors iswed, kannella u polari u agħti ħarsa ġenerali konċiża tal-karatteristiċi fiżiċi tagħhom, b’mod speċifiku d-differenzi bejniethom. Eh u ssejvja l-links għalija sabiex inkun nista’ naċċessahom malajr.		10 / 10
CUA jista’ jinteraġixxi ma’ diversi komponenti tal-UI biex ifittex, jissortja u jiffiltra r-riżultati sabiex isib l-informazzjoni li jixtiequ l-utenti. L-affidabbiltà tvarja għas-siti web u l-interfaċċi tal-utent differenti.
Irrid waħda mill-offerti ta' Target. Tista’ tiċċekkja jekk għandhomx offerta fuq is-sodas probijotiċi poppi? Jekk jagħmlu hekk, irrid it-togħma tad-dulliegħa fil-bott ta’ 12fl oz. Ġibli t-tip ta' offerta li tiġi ma' dan u ċċekkja jekk hux mingħajr glutina.9 / 10
Qed nippjana li mmur noqgħod Seattle u nixtieqek tfittex fuq Redfin għal dar tradizzjonali b’mill-inqas 3 kmamar tas-sodda, 2 kmamar tal-banju, u disinn effiċjenti fl-enerġija (eż., pannelli solari jew LEED-certified). Il-baġit tiegħi huwa bejn $600,000 - $800,000 u idealment għandu jkun qrib 1500 sq ft.3 / 10
Kompiti li jistgħu jitwettqu permezz ta’ interazzjonijiet sempliċi ripetuti tal-UIOħloq proġett ġdid f'Todoist bit-titlu 'Weekend Grocery Shopping.' Żid il-lista tax-xiri li ġejja bil-prodotti:
Banana (6 biċċiet)
Avokado (2 misjura)
Spinaċi żgħar (1 borża)
Ħalib (gallun 1)
Ġobon Cheddar (blokka ta' 8 oz)
Crisps (bil-melħ, daqs tal-familja)
Ċikkulata skura (70% kakaw, 2 biċċiet)		10 / 10
CUA tista’ tirrepeti b’mod affidabbli interazzjoni sempliċi tal-UI diversi drabi biex tawtomatizza kompiti sempliċi iżda tedjanti għall-utenti.
Fittex fuq Spotify għall-aktar kanzunetti popolari tal-Istati Uniti għas-snin 1990, u oħloq playlist b'mill-inqas 10 kanzunetti.10 / 10
Kompiti fejn CUA juri rata għolja ta’ suċċess biss jekk il-prompts jinkludu ħjiel dettaljati dwar kif tuża s-sit web.Żur tagvenue.com u fittex sala tal-kunċerti li takkomoda 150 persuna f’Londra. Neħtieġha fit-22 ta’ Frar 2025 għall-ġurnata kollha mid-9 am sat-12 am, ara biss li tiswa inqas minn £90 fis-siegħa.
Eh tista’ tiċċekkja s-sezzjoni tal-filtri għal filtri xierqa u tiżgura li hemm parkeġġ u li kollox jista' jiġi aċċessat bis-siġġu tar-roti.		8 / 10
Anke għall-istess kompitu, l-affidabbiltà ta’ CUA tista’ tinbidel skont kif qed nagħtu l-istruzzjonijiet għall-kompitu.
F'dan il-każ, F’dan il-każ, nistgħu ntejbu l-affidabbiltà billi nipprovdu dettalji speċifiċi dwar id-data (eż. 9 am sa 12 pm kontra l-ġurnata kollha minn 9 am) u billi nipprovdu ħjiel dwar liema UI għandha tintuża biex jinstabu r-riżultati (eż. iċċekkja t-taqsima tal-filtri …)
Żur tagvenue.com u fittex sala tal-kunċerti li takkomoda 150 persuna f’Londra. Għandi bżonnu fit-22 ta’ Frar 2025 għall-ġurnata kollha minn 9 am, żgura biss li jkun taħt £90 fis-siegħa.
Oh u żgura li hemm parkeġġ u li l-post kollu huwa aċċessibbli għas-siġġu tar-roti.		3 / 10
Qed issibha diffiċli tuża UI mhux familjari u l-editjar tat-testUża html5editor u daħħal it-test li ġej fuq in-naħa tax-xellug, imbagħad editjah skont l-istruzzjonijiet tiegħi u agħtini ritratt tal-iskrin tal-istampa kollha meta tkun lest/a. It-test huwa:

Ħelow, kif aħna?!

Dan huwa l-ewwel test tiegħi. Għandi bżonn nara kif jidher meta jiġi pprogrammat bl-HTML.

Xi partijiet għandhom ikunu ħomor.

Xi grassett.

Xi korsiv.

Xi sottolinjat.

Qabel ma il-lezzjoni tiegħi tkun spiċċat u nimxu għan-naħa l-oħra.
...

Kif aħna?! għandu jkollu intestazzjoni 2 applikata
Is-sentenza taħtha għandha tkun test ta’ paragrafu regolari.
The Sentenza li ssemmi l-aħmar għandha tkun test normali u aħmar
Is-sentenza li ssemmi l-grassett għandha tkun test normali b'tipa fil-grassett
Sentenza li ssemmi l-ikorsiv għandha tkun bil-korsiv
L-aħħar sentenza għandha tkun allinjata lejn il-lemin minflok lejn ix-xellug bħas-soltu		4 / 10
Meta CUA jkollha tinteraġixxi ma' UIs li ma tkunx interaġixxiet ħafna magħhom waqt it-taħriġ, tissielet biex tifhem kif tuża l-UI pprovduta b'mod xieraq. Ħafna drabi jirriżulta f’ħafna tentattivi u żbalji, u azzjonijiet ineffiċjenti.

CUA mhuwiex preċiż fl-editjar tat-test. Ħafna drabi jagħmel ħafna żbalji fil-proċess jew jipprovdi output bi żball.

Safety

Because CUA is one of our first agentic products with an ability to directly take actions in a browser, it brings new risks and challenges to address. As we prepared for deployment of Operator, we did extensive safety testing and implemented mitigations across three major classes of safety risks: misuse, model mistakes, and frontier risks. We believe it is important to take a layered approach to safety, so we implemented safeguards across the whole deployment context: the CUA model itself, the Operator system, and post-deployment processes. The aim is to have mitigations that stack, with each layer incrementally reducing the risk profile.

The first category of risk is misuse. In addition to requiring users to comply with our Usage Policies, we have designed the following mitigations to reduce Operator’s risk of harm due to misuse, building off our safety work for GPT‑4o:

  • Refusals: The CUA model is trained to refuse many harmful tasks and illegal or regulated activities.
  • Blocklist: Operator cannot access websites that we’ve preemptively blocked, such as many gambling sites, adult entertainment, and drug or gun retailers.
  • Moderation: User interactions are reviewed in real-time by automated safety checkers that are designed to ensure compliance with Usage Policies and have the ability to issue warnings or blocks for prohibited activities. 
  • Offline detection: We’ve also developed automated detection and human review pipelines to identify prohibited usage in priority policy areas, including child safety and deceptive activities, allowing us to enforce our Usage Policies.

The second category of risk is model mistakes, where the CUA model accidentally takes an action that the user didn’t intend, which in turn causes harm to the user or others. Hypothetical mistakes can range in severity, from a typo in an email, to purchasing the wrong item, to permanently deleting an important document. To minimize potential harm, we’ve developed the following mitigations:

  • User confirmations: The CUA model is trained to ask for user confirmation before finalizing tasks with external side effects, for example before submitting an order, sending an email, etc., so that the user can double-check the model’s work before it becomes permanent.
  • Limitations on tasks: For now, the CUA model will decline to help with certain higher-risk tasks, like banking transactions and tasks that require sensitive decision-making.
  • Watch mode: On particularly sensitive websites, such as email, Operator requires active user supervision, ensuring users can directly catch and address any potential mistakes the model might make.

One particularly important category of model mistakes is adversarial attacks on websites that cause the CUA model to take unintended actions, through prompt injections, jailbreaks, and phishing attempts. In addition to the aforementioned mitigations against model mistakes, we developed several additional layers of defense to protect against these risks:

  • Cautious navigation: The CUA model is designed to identify and ignore prompt injections on websites, recognizing all but one case from an early internal red-teaming session.
  • Monitoring: In Operator, we’ve implemented an additional model to monitor and pause execution if it detects suspicious content on the screen.
  • Detection pipeline: We’re applying both automated detection and human review pipelines to identify suspicious access patterns that can be flagged and rapidly added to the monitor (in a matter of hours).

Finally, we evaluated the CUA model against frontier risks outlined in our Preparedness Framework(jinfetaħ f’tieqa ġdida), including scenarios involving autonomous replication and biorisk tooling. These assessments showed no incremental risk on top of GPT‑4o.

For those interested in exploring the evaluations and safeguards in more detail, we encourage you to review the Operator System Card, a living document that provides transparency into our safety approach and ongoing improvements.

As many of Operator’s capabilities are new, so are the risks and mitigation approaches we’ve implemented.  While we have aimed for state-of-the-art, diverse and complementary mitigations, we expect these risks and our approach to evolve as we learn more. We look forward to using the research preview period as an opportunity to gather user feedback, refine our safeguards, and enhance agentic safety.

Conclusion

CUA builds on years of research advancements in multimodality, reasoning and safety. We have made significant progress in deep reasoning through the o-model series, vision capabilities through GPT‑4o, and new techniques to improve robustness through reinforcement learning and instruction hierarchy. The next challenge space we plan to explore is expanding the action space of agents. The flexibility offered by a universal interface addresses this challenge, enabling an agent that can navigate any software tool designed for humans. By moving beyond specialized agent-friendly APIs, CUA can adapt to whatever computer environment is available—truly addressing the “long tail” of digital use cases that remain out of reach for most AI models.

We're also working to make CUA available in the API(jinfetaħ f’tieqa ġdida), so developers can use it to build their own computer-using agents. As we continue to iterate on CUA, we look forward to seeing the different use cases the community will discover. We plan to use the real-world feedback we gather from this early preview to continuously refine CUA’s capabilities and safety mitigations to safely advance our mission of distributing the benefits of AI to everyone.

Awturi

OpenAI

Ċitazzjonijiet

Jekk jogħġbok iċċita lil OpenAI u uża l-BibTeX li ġej għaċ-ċitazzjoni: http://cdn.openai.com/cua/cua2025.bib(jinfetaħ f’tieqa ġdida)