OpenAI is letting some users try out its recent ChatGPT feature, which uses artificial intelligence to power your web browser to book trips, shop for groceries, bargain hunt and do much more online.
The recent tool, called Operator, is an artificial intelligence agent: it relies on an artificial intelligence model trained on both text and images to interpret commands and learn how to exploit a web browser to execute them. OpenAI claims it has the potential to automate many everyday tasks and errands at work.
Operator OpenAI follows rival versions Google and Anthropic, which have shown they can exploit the Internet. AI agents are widely seen as the next stage in the AI evolution following chatbots, and many companies have jumped on the train by touting them. In most cases, they are very constrained in their capabilities and simply exploit a language model to automate things typically performed in regular software.
“Artificial intelligence is evolving from a tool that can answer your questions to a tool that can take actions around the world by executing complex, multi-step workflows,” says Peter Welinder, vice president of product at OpenAI. “We will see a big impact on people’s productivity, but also on the quality of work that people are able to do.”
OpenAI acknowledges that making ChatGPT available to the web browser introduces recent risks and claims that the Operator may sometimes behave inappropriately. It says it has implemented various recent security measures and plans to gradually expand Operator’s capabilities.
Welinder and Yash Kumar, product and engineering managers for OpenAI’s Computer Using Agent, say the plan is to learn from how people exploit the tool. They acknowledge that the tool can make unwanted reservations or purchases, but add that a lot of work has gone into ensuring that it prompts you before doing anything risky. “He will come back to me and ask for confirmation before taking steps that may be irreversible,” says Kumar.
OpenAI also released a recent “system card” today that describes issues that may arise with Operator. These include the possibility of commands being misunderstood or deviating from what the user is requesting; be misused by users; or become a target of cybercriminals.
“It also creates an incredible number of security challenges,” says Kumar. “Because the attack vector area and the risk vector area are increasing significantly.”
Operator will initially be available as a “research preview” for ChatGPT users with a Pro account, which costs a whopping $200 per month. The company says it plans to expand access during a leisurely rollout of the tool, as some mistakes will inevitably be made along the way.
During several demonstrations, Operator showed that artificial intelligence could take on a more energetic role as an online helper. The tool has a remote web browser and a chat window enabling communication with the user.
At the request of WIRED, the Operator was asked to book an Amtrak train trip from Recent Haven, Connecticut to Washington, DC. She went to the correct website and correctly entered the information needed to view the timetable and then asked for further instructions. If a user were logged into Amtrak’s website or browser profile with their credit card information saved, the Operator could go ahead and book the ticket – although it asks for permission first.
Kumar asked the Operator to reserve a table at the Beretta restaurant in San Francisco. The program visited the OpenTable website, found a suitable restaurant and checked availability, then asked what to do next. OpenAI says it has partnered with many popular websites, including OpenTable, to ensure Operator runs smoothly on them.
The recent tool is based on the OpenAI GPT-4o AI model, which can recognize the browser and website and communicate via entered text. The tool includes additional training to lend a hand him understand how to complete online tasks. OpenAI will also make its Computer Usage Agent available through its API.