The Blind Spot of Agent Safety: How Benign User Instructions Expose Critical Vulnerabilities in Computer-Use Agents

OS-BLIND targets a specific and critical gap in the 'Agentic AI' era: the transition from 'malicious intent' (prompt injection) to 'unintended consequences' (benign instructions leading to harm). While the research is timely and addresses the exact problem space occupied by Anthropic's 'Computer Use' and OpenAI's 'Operator,' its defensibility as a standalone project is low. Benchmarks gain value through industry-wide adoption and 'leaderboard' effects; at only 5 days old with 0 stars (despite 9 forks, indicating internal/academic interest), it has no network effects yet. Frontier labs like Anthropic, OpenAI, and Google are the primary competitors here, as they are building both the agents and the proprietary safety frameworks to protect them. These labs are likely to integrate similar logic directly into their RLHF and red-teaming processes, potentially sherlocking the need for an external benchmark within one or two model release cycles. The 6-month displacement horizon reflects the rapid iteration of agent safety research.