Part 8/11:

• Misalignment Mitigation: The model is designed to avoid harmful or malicious tasks, with built-in moderation and post-task detection.

• Session Privacy and Control: Users can take back control at any time during a task, ensuring transparency and manual oversight.

• Website and Task Restrictions: The system is programmed to avoid fraudulent or unsafe sites, with a layered defense against prompt injections or malicious instructions.

OpenAI emphasizes iterative improvements and cautious deployment—starting with Pro users in the U.S., with plans to expand gradually and incorporate user feedback.

Performance Benchmarks and Limitations

While impressive, Operator is still a research preview with room for growth. Key performance metrics include: