OpenAI explains how its AI agents avoid malicious links and prompt injection

Blogs Technology
Veröffentlicht 2026-01-30 11:00:13
0
86

OpenAI explains how its AI agents avoid malicious links

AI agents can perform tasks on behalf of the user, and this often involves controlling a web browser, sorting through emails, and interacting with the internet at large. And since there are lots of places on the internet that can steal your personal data or otherwise cause harm, it's important that these agents know what they're doing.

So, as users migrate away from web browsers and Google Search to AI browsers and agents, AI companies like OpenAI need to make sure these tools don't fall straight into a phishing attempt or click on malicious links.

In a new blog post, OpenAI explains exactly how its AI agents protect users.

One possible solution to this problem would be for OpenAI to simply adopt a curated list of trusted websites its agents are allowed to access. However, as the company explained in the blog post, that would probably be too limiting and would harm the user experience. Instead, OpenAI uses something called an independent web index, which records public URLs that are already known to exist on the internet, independent of any user data.

Mashable Light Speed

So, if a URL is on the index, then the AI agent can open it without a problem. If not, the user will see a warning asking for their permission to move forward.

OpenAI example image of a warning pop-up about an unverified web link

You might see this if the agent tries to access something it shouldn't. Credit: OpenAI

As OpenAI explains in its blog post, "This shifts the safety question from 'Do we trust this site?' to 'Has this specific address appeared publicly on the open web in a way that doesn’t depend on user data?'"

You can see a more technical explainer in a lengthy research paper OpenAI published last year, but the main thing to know is that it's possible for web pages to manipulate AI agents into doing things they shouldn't do. A common form of this is prompt injection, which gives clandestine instructions to the AI model, asking it to retrieve sensitive data or otherwise compromise your cybersecurity.

To be clear, as OpenAI states in the blog post, this is just one layer of security that doesn't necessarily guarantee that what you're about to click on is entirely safe. Websites can contain social engineering or other bad-faith constructs that an AI agent wouldn't necessarily be able to notice.

Disclosure: Ziff Davis, Mashable’s parent company, in April 2025 filed a lawsuit against OpenAI, alleging it infringed Ziff Davis copyrights in training and operating its AI systems.

Bitte loggen Sie sich ein, um liken, teilen und zu kommentieren!
Suche
Kategorien
Mehr lesen
Technology
The Fire TV 2-Series is back on sale at Amazon — get this budget-friendly TV for under $150
Best TV deal: Amazon Fire TV 2-Series for under $150...
Von Test Blogger7 2026-01-30 11:00:15 0 63
Home & Garden
I'm an Expert Deal Hunter, and These Are the Best Amazon Discounts Under $25 Right Now
Save Up to 80% on These Top Discounts on Amazon Under $25—Selected by a Pro Deal Hunter It’s the...
Von Test Blogger9 2026-01-29 12:00:22 0 83
Home & Garden
These Copycat Cracker Barrel Fried Apples Taste Like Pure Nostalgia
These Copycat Cracker Barrel Fried Apples Taste Like Pure Nostalgia There's no need to make a...
Von Test Blogger9 2026-02-03 08:00:48 0 56
Spiele
Proxy vs VPN - what's the difference?
Proxy vs VPN - what's the difference? The proxy vs VPN question is one that anybody who has...
Von Test Blogger6 2026-01-28 09:00:21 0 106
Music
What Mike Portnoy Thinks About Not Being Asked to Join Rush
What Mike Portnoy Thinks About Not Being Asked to Join Rush for Reunion TourWhat are Mike...
Von Test Blogger4 2026-01-23 22:00:20 0 141
© 2026 Sngine-YND Deutsch
English Arabic French Spanish Portuguese Deutsch Turkish Dutch Italiano Russian Romaian Portuguese (Brazil) Greek
Über Bedingungen Datenschutz Kontaktiere uns Verzeichnis