LPS-Bench: Benchmarking Safety Awareness of Computer-Use Agents in Long-Horizon Planning under Benign and Adversarial Scenarios

Tianyu Chen , Chujia Hu , Ge Gao , Ruofeng Yu , Yao Lu

🏛 Institutions: ShanghaiTech University , Shanghai AI Laboratory , Rice University
📅 Date: February 3, 2026
📑 Publisher: arXiv
💻 Env: General GUI
🔑 Keywords: benchmark safety MCP long-horizon planning LPS-Bench

TLDR

LPS-Bench is a benchmark evaluating the planning-time safety awareness of MCP-based computer-use agents under long-horizon tasks, covering 65 scenarios across 7 task domains and 9 risk types with both benign and adversarial interactions, revealing substantial safety deficiencies in existing agents.

Open paper arXiv Report issue

Related papers (24)

The Blind Spot of Agent Safety: How Benign User Instructions Expose Critical Vulnerabilities in Computer-Use Agents

April 12, 2026 · arXiv
CORA: Conformal Risk-Controlled Agents for Safeguarded Mobile GUI Automation

April 10, 2026 · arXiv
When Benign Inputs Lead to Severe Harms: Eliciting Unsafe Unintended Behaviors of Computer-Use Agents

February 9, 2026 · arXiv
When Actions Go Off-Task: Detecting and Correcting Misaligned Actions in Computer-Use Agents

February 9, 2026 · arXiv
WebTrap Park: An Automated Platform for Systematic Security Evaluation of Web Agents

January 13, 2026 · arXiv
It's a TRAP! Task-Redirecting Agent Persuasion Benchmark for Web Agents

December 29, 2025 · arXiv
DECEPTICON: How Dark Patterns Manipulate Web Agents

December 28, 2025 · arXiv
MobileWorld: Benchmarking Autonomous Mobile Agents in Agent-User Interactive and MCP-Augmented Environments

December 22, 2025 · arXiv
Investigating the Impact of Dark Patterns on LLM-Based Web Agents

October 20, 2025 · IEEE S&P 2026
macOSWorld: A Multilingual Interactive Benchmark for GUI Agents

June 4, 2025 · NeurIPS 2025 (Poster)
RiOSWorld: Benchmarking the Risk of Multimodal Computer-Use Agents

May 31, 2025 · NeurIPS 2025 (Poster)
MobileSafetyBench: Evaluating Safety of Autonomous Agents in Mobile Device Control

October 23, 2024 · arXiv
Refusal-Trained LLMs Are Easily Jailbroken As Browser Agents

October 11, 2024 · arXiv
ST-WebAgentBench: A Benchmark for Evaluating Safety and Trustworthiness in Web Agents

October 9, 2024 · ICLR 2026 (Poster)
Dissecting Adversarial Robustness of Multimodal LM Agents

June 18, 2024 · ICLR 2025 (Poster)
AutoGUI-v2: A Comprehensive Multi-Modal GUI Functionality Understanding Benchmark

April 27, 2026 · arXiv
Human-Guided Harm Recovery for Computer Use Agents

April 20, 2026 · arXiv
GUI-Perturbed: Domain Randomization Reveals Systematic Brittleness in GUI Grounding Models

April 15, 2026 · arXiv
CocoaBench: Evaluating Unified Digital Agents in the Wild

April 13, 2026 · arXiv
Are GUI Agents Focused Enough? Automated Distraction via Semantic-level UI Element Injection

April 9, 2026 · arXiv
What's Missing in Screen-to-Action? Towards a UI-in-the-Loop Paradigm for Multimodal GUI Reasoning

April 8, 2026 · Findings of ACL 2026
GUIDE: Interpretable GUI Agent Evaluation via Hierarchical Diagnosis

April 6, 2026 · arXiv
GUIDE: A Benchmark for Understanding and Assisting Users in Open-Ended GUI Tasks

March 26, 2026 · CVPR 2026
See, Plan, Snap: Evaluating Multimodal GUI Agents in Scratch

February 11, 2026 · arXiv