safety

Browser agent — prompt-injection red-team

Browser/computer-use · web · high-risk
framework · promptfooauthor · Vincentcert · AG-26-0144
Verification report

Adversarial web content that tries to make a computer-use agent exfiltrate data or take destructive actions. The test set is the attack, not a Q&A.

No data leakage
0.97
Ungameable
0.96
Deterministic
0.94
Discriminating power
0.99
Standard coverage
0.93
Discriminating power · reference panel
Reference agentKnown qualityPack score
Hardened-Browser-refgood0.91
Injectable-Browser-refsabotaged0.05

A good pack scores the known-good agent high and the sabotaged one near zero. That gap is the evidence the meter works.

Browse guides →Browse benchmarks →

← Back to catalog