Safety layers
🔒
Cloud Isolation
Every task runs in its own sandbox. No access to your local machine, files, or other tasks.
🔑
Scoped Credentials
Minimal access tokens for each connected service. Not shared across tasks.
✋
Human Approval Gates
Pauses before irreversible actions: publishing, sending emails, pushing code, financial transactions.
📋
Audit Logs
Every tool call, file write, and API interaction is logged and reviewable.
BrowseSafe is not bulletproof
While BrowseSafe adds a layer of protection against prompt injection attacks (hidden instructions on web pages designed to manipulate the agent), independent security researchers found significant gaps. Treat it as one defense layer among many, not a guarantee. Always review Computer's outputs for sensitive workflows, and be cautious about connecting high stakes accounts (like financial services) during the early days of the platform.