MobileSafetyBench: Evaluating Safety of Autonomous Agents in Mobile Device Control

Introduces MobileSafetyBench, a benchmark for measuring safety failures of mobile-control agents in realistic Android tasks involving apps like messaging and banking. It evaluates both ordinary safety behavior and robustness to indirect prompt injection, and shows that current agents still struggle to avoid harmful actions.

• It's a TRAP! Task-Redirecting Agent Persuasion Benchmark for Web Agents
  December 29, 2025 · arXiv
• CORA: Conformal Risk-Controlled Agents for Safeguarded Mobile GUI Automation
  April 10, 2026 · arXiv
• Blind Gods and Broken Screens: Architecting a Secure, Intent-Centric Mobile Agent Operating System
  February 11, 2026 · arXiv
• The Blind Spot of Agent Safety: How Benign User Instructions Expose Critical Vulnerabilities in Computer-Use Agents
  April 12, 2026 · arXiv
• When Benign Inputs Lead to Severe Harms: Eliciting Unsafe Unintended Behaviors of Computer-Use Agents
  February 9, 2026 · arXiv
• When Actions Go Off-Task: Detecting and Correcting Misaligned Actions in Computer-Use Agents
  February 9, 2026 · arXiv
• LPS-Bench: Benchmarking Safety Awareness of Computer-Use Agents in Long-Horizon Planning under Benign and Adversarial Scenarios
  February 3, 2026 · arXiv
• CaMeLs Can Use Computers Too: System-level Security for Computer Use Agents
  January 14, 2026 · arXiv
• WebTrap Park: An Automated Platform for Systematic Security Evaluation of Web Agents
  January 13, 2026 · arXiv
• DECEPTICON: How Dark Patterns Manipulate Web Agents
  December 28, 2025 · arXiv
• Genesis: Evolving Attack Strategies for LLM Web Agent Red-Teaming
  October 21, 2025 · ICME 2026
• Investigating the Impact of Dark Patterns on LLM-Based Web Agents
  October 20, 2025 · IEEE S&P 2026
• macOSWorld: A Multilingual Interactive Benchmark for GUI Agents
  June 4, 2025 · NeurIPS 2025 (Poster)
• RiOSWorld: Benchmarking the Risk of Multimodal Computer-Use Agents
  May 31, 2025 · NeurIPS 2025 (Poster)
• WASP: Benchmarking Web Agent Security Against Prompt Injection Attacks
  April 22, 2025 · NeurIPS 2025 (Poster)
• Refusal-Trained LLMs Are Easily Jailbroken As Browser Agents
  October 11, 2024 · arXiv
• ST-WebAgentBench: A Benchmark for Evaluating Safety and Trustworthiness in Web Agents
  October 9, 2024 · ICLR 2026 (Poster)
• EIA: Environmental Injection Attack on Generalist Web Agents for Privacy Leakage
  September 17, 2024 · ICLR 2025 (Poster)
• Dissecting Adversarial Robustness of Multimodal LM Agents
  June 18, 2024 · ICLR 2025 (Poster)
• Benchmarking Living-Screen-Native GUI Agents on Short-Video Platforms
  June 3, 2026 · arXiv
• AndroidDaily: A Verifiable Benchmark for Mobile GUI Agents on Real-World Closed-Source Applications
  May 26, 2026 · arXiv
• MobileGym: A Verifiable and Highly Parallel Simulation Platform for Mobile GUI Agent Research
  May 25, 2026 · arXiv
• SimuWoB: Simulating Real-World Mobile Apps for Fast and Faithful GUI Agent Benchmarking
  May 24, 2026 · arXiv
• KnowU-Bench: Towards Interactive, Proactive, and Personalized Mobile Agent Evaluation
  April 9, 2026 · arXiv