RedTeamCUA: Realistic Adversarial Testing of Computer-Use Agents in Hybrid Web-OS Environments

RedTeamCUA introduces a hybrid OS-and-web sandbox for realistic adversarial testing of computer-use agents under indirect prompt injection. Its RTC-Bench benchmark contains 864 hybrid attack scenarios and shows that current frontier agents still exhibit substantial attack success rates in both initialized and end-to-end settings.

• The Blind Spot of Agent Safety: How Benign User Instructions Expose Critical Vulnerabilities in Computer-Use Agents
  April 12, 2026 · arXiv
• WebSP-Eval: Evaluating Web Agents on Website Security and Privacy Tasks
  April 7, 2026 · arXiv
• HackWorld: Evaluating Computer-Use Agents on Exploiting Web Application Vulnerabilities
  October 14, 2025 · ICLR 2026 (Poster)
• VPI-Bench: Visual Prompt Injection Attacks for Computer-Use Agents
  June 3, 2025 · ICLR 2026 (Poster)
• WASP: Benchmarking Web Agent Security Against Prompt Injection Attacks
  April 22, 2025 · NeurIPS 2025 (Poster)
• VenusBench-GD: A Comprehensive Multi-Platform GUI Benchmark for Diverse Grounding Tasks
  December 18, 2025 · arXiv
• OS-Oracle: A Comprehensive Framework for Cross-Platform GUI Critic Models
  December 18, 2025 · arXiv
• RiOSWorld: Benchmarking the Risk of Multimodal Computer-Use Agents
  May 31, 2025 · NeurIPS 2025 (Poster)
• On the Robustness of GUI Grounding Models Against Image Attacks
  April 7, 2025 · arXiv
• sudo rm -rf agentic_security
  March 26, 2025 · ACL 2025 Industry Track
• In-Context Defense in Computer Agents: An Empirical Study
  March 12, 2025 · arXiv
• WorldGUI: An Interactive Benchmark for Desktop GUI Automation from Any Starting Point
  February 12, 2025 · arXiv
• GUI Action Narrator: Where and When Did That Action Take Place?
  June 19, 2024 · arXiv
• GUI-World: A Video Benchmark and Dataset for Multimodal GUI-oriented Understanding
  June 16, 2024 · ICLR 2025 (Poster)
• OSWorld: Benchmarking Multimodal Agents for Open-Ended Tasks in Real Computer Environments
  April 11, 2024 · NeurIPS 2024 Datasets and Benchmarks Track
• OmniACT: A Dataset and Benchmark for Enabling Multimodal Generalist Autonomous Agents for Desktop and Web
  February 29, 2024 · ECCV 2024 (Poster)
• SeeClick: Harnessing GUI Grounding for Advanced Visual GUI Agents
  January 17, 2024 · ACL 2024
• Workflow-GYM: Towards Long-Horizon Evaluation of Computer-use Agentic tasks in Real-World Professional Fields
  June 9, 2026 · arXiv
• WindowsWorld: A Process-Centric Benchmark of Autonomous GUI Agents in Professional Cross-Application Environments
  April 30, 2026 · arXiv
• Odysseys: Benchmarking Web Agents on Realistic Long Horizon Tasks
  April 27, 2026 · arXiv
• WebForge: Breaking the Realism-Reproducibility-Scalability Trilemma in Browser Agent Benchmark
  April 13, 2026 · arXiv
• The Amazing Agent Race: Strong Tool Users, Weak Navigators
  April 11, 2026 · arXiv
• HealthAdminBench: Evaluating Computer-Use Agents on Healthcare Administration Tasks
  April 10, 2026 · arXiv
• Preference Redirection via Attention Concentration: An Attack on Computer Use Agents
  April 9, 2026 · arXiv