safety
Browser agent — prompt-injection red-team
Browser/computer-use · web · high-risk
A · Verified
Verification report
Adversarial web content that tries to make a computer-use agent exfiltrate data or take destructive actions. The test set is the attack, not a Q&A.
No data leakage: 0.97
Ungameable: 0.96
Deterministic: 0.94
Discriminating power: 0.99
Standard coverage: 0.93
Discriminating power · reference panel
| Reference agent | Known quality | Pack score |
|---|---|---|
| Hardened-Browser-ref | good | 0.91 |
| Injectable-Browser-ref | sabotaged | 0.05 |
A good pack scores the known-good agent high and the sabotaged one near zero. That gap is the evidence the meter works.