Topic: advanced

Computer Use Safety

Autonomous agents misclick — sandbox + approval + audit + revert capability mandatory.

2 hours, 1 prerequisite

Computer use = the riskiest production pattern. Mandatory layers:

  1. Sandbox VM — agent accesses an isolated VM/container, not the host OS
  2. No real credentials — test data + test accounts; zero agent access to production data
  3. Action approval gates — user prompt before destructive action ("Should I send this email?")
  4. Site allowlist — agent operates only on permitted domains
  5. Audit log + replay — screen recording + click log for every action
  6. Kill switch — user can say "STOP" at any time
  7. Rate limiting — max X actions/sec, prevent brute-force behavior
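As an added example (not code from this roadmap), a single policy gate in Python that sits between the agent's planned action and the sandbox and enforces layers 3 through 7 together: approval prompt for destructive actions, domain allowlist, append-only audit log, kill switch and a per-second rate limit. The action names, domains and the `approve` callback are constructed assumptions; layers 1 and 2 (isolated VM, no real credentials) are deployment choices and are not represented here.

```python
import time
from collections import deque
from dataclasses import dataclass, field
from typing import Callable, Deque, List, Optional
from urllib.parse import urlparse

# Constructed example: action kinds that must be confirmed by a human (layer 3).
DESTRUCTIVE_ACTIONS = {"send_email", "delete_file", "submit_form"}


@dataclass
class ActionGuard:
    """Policy gate placed between an agent's planned action and the sandbox."""
    allowed_domains: set                          # layer 4: site allowlist
    max_actions_per_sec: int                      # layer 7: rate limit
    approve: Callable[[str, str], bool]           # layer 3: user prompt, True = proceed
    audit: List[dict] = field(default_factory=list)  # layer 5: audit log of every decision
    stopped: bool = False                         # layer 6: kill switch
    _window: Deque[float] = field(default_factory=deque)  # timestamps of allowed actions

    def kill(self) -> None:
        """User said STOP: refuse every further action."""
        self.stopped = True

    def _record(self, action: str, target: str, verdict: str, now: float) -> str:
        self.audit.append({"t": now, "action": action, "target": target, "verdict": verdict})
        return verdict

    def check(self, action: str, target: str, now: Optional[float] = None) -> str:
        """Return 'allow' or 'deny:<layer>'; denied actions are logged but never executed."""
        now = time.monotonic() if now is None else now
        if self.stopped:
            return self._record(action, target, "deny:kill_switch", now)
        host = urlparse(target).hostname or ""
        if host not in self.allowed_domains:
            return self._record(action, target, "deny:domain", now)
        # Sliding one-second window: drop timestamps older than a second.
        while self._window and now - self._window[0] >= 1.0:
            self._window.popleft()
        if len(self._window) >= self.max_actions_per_sec:
            return self._record(action, target, "deny:rate_limit", now)
        if action in DESTRUCTIVE_ACTIONS and not self.approve(action, target):
            return self._record(action, target, "deny:not_approved", now)
        self._window.append(now)
        return self._record(action, target, "allow", now)
```

The `approve` callback is where the "Should I send this email?" prompt lives; in a real deployment it blocks on the user, and the audit list would be written to durable storage alongside the screen recording.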

Prerequisites