Why it matters
The Operator system card documents red teaming and mitigation choices for a computer-using agent, with prompt injections listed as a central risk area.
My takeaway: Particularly relevant for agent builders. It helps frame what secure launch criteria can look like when a model is allowed to act on behalf of a user.