In brief
- OpenAI launched ChatGPT Agent, enabling AI to complete complex tasks using a virtual computer.
- The tool raises security concerns, including prompt injection attacks.
- OpenAI added safeguards, but warned users to stay cautious.
OpenAI has unveiled its most autonomous AI tool yet: a version of ChatGPT that can browse the web, run apps, and complete real-world tasks with little to no human input. But with the leap in capability comes a stark warning: the technology could also invite a new wave of security threats.
Launched on Thursday, ChatGPT Agent lets users delegate complex tasks, such as planning vacations, booking hotel rooms, researching competitors, generating slide decks, and even placing online orders.
The feature will begin rolling out today to Pro, Plus, and Team users.
To complete tasks, the agent uses a virtual computer and a unified set of tools, including a text-based browser, a terminal, and access to third-party apps such as Google Drive and GitHub. The virtual computer is a simulated computing environment running in the cloud that the ChatGPT agent can control independently—somewhat like giving the AI its own private, sandboxed machine to do real work.
“I think this is a new level of capability in AI,” OpenAI CEO Sam Altman said during a livestream demonstration conducted by members of the team that built the product. The livestream was also notable, however, in part for the number of “buyer beware” cautions OpenAI gave.
“This is a new way to use AI, but there will be a new set of attacks that come with that,” Altman said. “Society and the technology have to evolve and figure out how we can mitigate problems that we can't even really imagine yet, as people start doing more and more work this way.”
One example: an agent could research a purchase, find the item on a phishing website, and supply a user's credit card information. To mitigate that problem, the current release has numerous safeguards in place that would, for instance, stop just short of uploading credit card information until the user manually approves it.
“We've trained the model to ignore suspicious instructions on harmful websites,” OpenAI researcher Casey Chu said. “We also have monitors that watch the agent's behavior and stop it if anything looks suspicious.”
Chu added that while system safeguards can be updated in real time, ChatGPT agent is still a “cutting-edge product” that opens the door to new forms of exploitation.
“It's important for users to understand the risks and be thoughtful about the information they share,” he said.
The release of ChatGPT Agent comes at a time when AI developers are working to equip digital assistants with increasingly powerful capabilities. On Wednesday, Google launched a new AI-powered feature in Google Search that lets its Gemini AI make phone calls to businesses on behalf of users.
“ChatGPT Agent is still in its early stages, and we're using this time to learn from real-world use to improve both the product and our safeguards,” an OpenAI representative told Decrypt. “The current system card reflects our present approach, but we're preparing for what's next and will continue to share updates as we make the agent better and safer.”
ChatGPT can now do work for you using its own computer.
Introducing ChatGPT agent—a unified agentic system combining Operator's action-taking remote browser, deep research's web synthesis, and ChatGPT's conversational strengths. pic.twitter.com/7uN2Nc6nBQ
— OpenAI (@OpenAI) July 17, 2025
Cybersecurity experts have also raised concerns about the implications of autonomous agents.
“High concern is warranted because the agent carries implicit authority to reveal personal identifiers during dialogue,” said Nic Adams, co-founder and CEO of cybersecurity firm 0rcus. “Users should grant granular, revocable scopes such as target business, purpose, allowable data elements, and expiration timestamp.”
In terms of best practices, Adams suggested that after execution, the agent present a full transcript for approval before storing any information for longer than legally required.
“Silent, blanket consent would shift liability onto the user without meaningful control,” he said. “Therefore, a per-task confirmation model is essential.”
Beyond the risks of letting AI agents make purchases or plans, OpenAI researchers agreed that this level of autonomy introduces new threats, especially prompt injection attacks, where malicious inputs trick the AI into leaking data, spreading misinformation, or taking unauthorized actions.
To mitigate these risks, OpenAI developed takeover mode, which, as the name suggests, gives users the ability to take over from the agent and enter information themselves, rather than relying on the agent. In some cases, ChatGPT Agent will ask for explicit user approval before taking significant actions, like making purchases or accessing sensitive data.
“We've built a powerful tool, but users need to stay cautious,” Chu said.
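The granular, revocable scopes Adams describes (target business, purpose, allowable data elements, expiration timestamp) and the per-task confirmation that OpenAI's approval prompts and takeover mode provide can be combined into one policy check that sits between an agent and its tools. The following is an added example, not OpenAI's or 0rcus's code and not a description of how ChatGPT Agent is built; the `ConsentGate` class, the action names, the hostnames, the fixed clock and the `confirm` callback are all assumptions chosen for illustration. It also covers the phishing-site case from earlier in the article: a grant for one business does not authorize disclosure to a look-alike site, and data elements the user never listed are refused even when the page asks for them.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Callable, Iterable

# Actions that always need a fresh per-task confirmation, regardless of scope
# (the article describes explicit approval before purchases or sensitive-data access).
SENSITIVE_ACTIONS = frozenset({"submit_payment", "read_sensitive_data"})


@dataclass
class Grant:
    """One granular, revocable scope: which business, for what purpose,
    which data elements may be disclosed, and until when."""
    target_business: str
    purpose: str
    allowed_data: frozenset
    expires_at: datetime
    revoked: bool = False

    def is_active(self, now: datetime) -> bool:
        return not self.revoked and now < self.expires_at


@dataclass
class Decision:
    allowed: bool
    reason: str


class ConsentGate:
    """Hypothetical mediator: every tool call the agent wants to make is checked here."""

    def __init__(self, confirm: Callable[[str, str, frozenset], bool]):
        # `confirm` stands in for the user-facing prompt; it returns True only when the
        # user explicitly approves this specific action (the per-task confirmation model).
        self._confirm = confirm
        self._grants: dict = {}
        self.audit: list = []  # transcript of every decision, for post-execution review

    def grant(self, grant_id: str, grant: Grant) -> None:
        self._grants[grant_id] = grant

    def revoke(self, grant_id: str) -> None:
        if grant_id in self._grants:
            self._grants[grant_id].revoked = True

    def authorize(self, grant_id: str, action: str, target: str,
                  data_elements: Iterable[str], now: datetime) -> Decision:
        data = frozenset(data_elements)
        grant = self._grants.get(grant_id)
        if grant is None or not grant.is_active(now):
            decision = Decision(False, "no active grant (missing, revoked, or expired)")
        elif target != grant.target_business:
            # A grant for one business never covers another site the agent ended up on.
            decision = Decision(False, f"target {target!r} not covered by grant for {grant.target_business!r}")
        elif data - grant.allowed_data:
            # Instructions on a page cannot widen the scope the user granted.
            decision = Decision(False, f"data outside scope: {sorted(data - grant.allowed_data)}")
        elif action in SENSITIVE_ACTIONS and not self._confirm(action, target, data):
            # In scope, but sensitive: held until the user takes over or confirms.
            decision = Decision(False, "held for user: sensitive action not confirmed")
        else:
            decision = Decision(True, "within scope")
        self.audit.append({"grant": grant_id, "action": action, "target": target,
                           "data": sorted(data), "allowed": decision.allowed,
                           "reason": decision.reason})
        return decision


# Fixed clock so the walkthrough is reproducible (constructed value).
NOW = datetime(2025, 7, 17, 12, 0, tzinfo=timezone.utc)


def run_demo(user_approves_payment: bool = False) -> list:
    """Walk one hotel-booking task through the gate; returns the five decisions."""
    gate = ConsentGate(confirm=lambda action, target, data: user_approves_payment)
    gate.grant("hotel-booking", Grant(
        target_business="hotel.example",  # constructed hostname
        purpose="book one hotel room",
        allowed_data=frozenset({"name", "email", "card_number"}),
        expires_at=NOW + timedelta(hours=1),
    ))
    return [
        # 1. Routine form fill with in-scope data: allowed without a prompt.
        gate.authorize("hotel-booking", "fill_form", "hotel.example", {"name", "email"}, NOW),
        # 2. Agent lands on a look-alike site: target mismatch blocks even in-scope data.
        gate.authorize("hotel-booking", "fill_form", "hotel-login.example", {"name", "email"}, NOW),
        # 3. The page asks for a data element the user never authorized.
        gate.authorize("hotel-booking", "fill_form", "hotel.example", {"passport_number"}, NOW),
        # 4. Payment: in scope, but sensitive, so it is held unless the user confirms this task.
        gate.authorize("hotel-booking", "submit_payment", "hotel.example", {"card_number"}, NOW),
        # 5. After the expiration timestamp, nothing is allowed.
        gate.authorize("hotel-booking", "fill_form", "hotel.example", {"name"}, NOW + timedelta(hours=2)),
    ]


if __name__ == "__main__":
    for d in run_demo():
        print("ALLOW" if d.allowed else "DENY ", d.reason)
```

The point of routing every call through one gate is that the checks do not depend on the model behaving well: a prompt-injected instruction can change what the agent asks for, but not what the user granted. The `audit` list is the transcript Adams suggests presenting for approval before anything is retained.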