ChatGPT agent was created by OpenAI as a way to complete complex tasks from start to finish. We explore the feature, from its pros and cons to the security considerations.
Jul 31, 2025 • 5 Minute Read

ChatGPT has evolved into a service that not only answers questions, but can act as your digital assistant. With the ChatGPT agent feature, the AI system can perform tasks for you with limited supervision.
In this article, I’ll demystify what ChatGPT agent is, explain how to set up and use it, and discuss the security concerns and risks you should consider when using it.
What is ChatGPT agent?
ChatGPT agent is a new feature that allows the AI to complete multi-step tasks on your behalf. Acting as your assistant, it can perform actions like online research, filling out data, and even purchasing goods and services for you—think ordering a pizza or booking a flight.
When using this feature, ChatGPT spins up a virtual environment for the agent to use. The agent then uses this environment to search the internet and perform tasks. When needed, it asks the user to jump into this environment to fill in details, such as giving user permissions or payment details.
Is ChatGPT agent similar to OpenAI’s Operator?
Yes. ChatGPT agent is an improvement on Operator, a feature released in January 2025, and with its release the Operator site is being deprecated. Unlike Operator, ChatGPT agent has better integration with third-party services to complete tasks (think Gmail and Google Calendar). It also has access to OpenAI's deep research feature.
How do I use ChatGPT agent?
Getting started with the ChatGPT agent feature is simple. First, you need to set up a paid account and/or log in to Chatgpt.com. Once you’re done, you should see this input box:
Click on Tools, and a dropdown menu should appear. Hover over Agent Mode. This will tell you how many uses you have left, and is a handy trick to know. When you’re ready to get started, click on it.
A list of suggested actions should appear. Type in the activity you’d like the agent to perform. You can optionally connect data sources so the agent has access to services like Gmail, GitHub, Dropbox, and Canva—that will allow it to actually perform tasks using these services. Then, start your chat!
Yes, I wrote this article around lunch time. Why do you ask?
A chat window will appear and the agent will spin up a virtual environment to go about its work. It will continue until the agent finishes the task or it comes across a blocker requiring your input.
Taking over from ChatGPT agent to complete a task
There will be times that ChatGPT agent cannot complete a task because it’s hit a wall, such as a user sign-in screen or having to fill in payment details in a cart. In this scenario, it will ask you to take over. Click the Take over button to do this.
A warning will appear letting you know of the safety risks involved. After reading and understanding these, click I Understand.
You will be logged into the remote browser, where you can click around just as you would a regular browser and enter the required information. When you’re done, hit Finish controlling.
Once you are done, the agent will check to see if you have put in enough details for it to complete the task. If so, it will continue until it completes the original task (or hits another roadblock).
What are connectors in ChatGPT agent?
Connectors are third-party applications that can be paired with ChatGPT agent, allowing it to act within that service with your permissions and access any relevant information. ChatGPT agent supports the following connectors:
Box
Canva
Dropbox
GitHub
Gmail
Google Calendar
Google Drive
Hubspot
Linear
Notion
Outlook Calendar
Outlook Email
SharePoint
Teams
How to add connectors to ChatGPT agent
Log in to ChatGPT
Click on Tools
Click on Agent Mode
Click on Sources
Select from the available options, or click Connect More for the full list of connectors
Depending on the service, you will receive a prompt and be asked to navigate to that service to allow ChatGPT to have permissions to it.
Is ChatGPT agent free to use?
No. Currently it is only available on the Pro, Plus, and Team plans, not the Free plan.
What are the usage limits for ChatGPT agent?
Pro: 400 messages/month.
Plus: 40 messages/month.
Team: 40 messages/month or 30 credits/message with flexible pricing.
It’s important to note that any message you initiate with the agent counts towards this quota. So, for example, if you ask it to do a task, then you ask it to do something else mid-process, this counts as two messages. However, according to OpenAI, most agent clarifications, confirmations, and authentication steps don’t count against your quota.
How long does ChatGPT agent take to complete a task?
Typically between 5 to 30 minutes, but this really depends on the complexity of the task. Our internal tests show an average of roughly 10 minutes.
Is ChatGPT agent safe and secure to use?
No, not from a cybersecurity perspective, and OpenAI even warns you as much. While the service does include some safeguards, ChatGPT agent can perform potentially destructive actions across any account you connect it to, and put your data at risk.
What are the risks of using ChatGPT agent?
Indirect prompt injection/data poisoning: The agent may visit a site with malicious instructions hidden on it, which causes it to leak your sensitive information or perform destructive actions on the platforms you've connected it to. E.g. destroying your Google data.
Excessive autonomy: With great power comes great responsibility. Since you've given an AI the keys to the kingdom, it can perform any actions you can. E.g. deleting all your account data without any confirmation from you.
AI hallucination: AI models are notorious for incorrectly interpreting instructions, making up information, or inventing unintended tasks. Because the agent has your login permissions (and potentially payment details), it can do things you didn't ask it to do. E.g. buying something unrelated to your request, compromising your data, etc.
Lack of auditability: You've given the agent your login details. So, if it does something sketchy, how does someone tell the difference between you and it in the system logs? "An AI did it" isn't necessarily going to fly in this scenario.
How can I reduce the risks of using ChatGPT agent and keep my data safe?
When you’ve asked it to do something sensitive, such as making a purchase, keep an eye on what the agent is actually doing in real time—don’t wander off. Ten minutes after it’s deleted all of your data or bought a boat is too late.
Limit the permissions you give it. Don’t connect everything you can think of.
Before you sign into a website using ChatGPT agent, think about if there’s any sensitive information you wouldn’t want to go public, and how much damage attackers could do if they hijacked the AI and ran rampant in said account.
Don’t type in passwords or sensitive information directly into your messages.
Don’t make under-specified, open-ended requests of the agent. E.g. “Review my GitHub issues and do whatever it takes to solve them without bothering me.”
Immediately stop the task if the AI is doing something unexpected or suspicious.
Clear the remote browser history (in your settings) after entering any sensitive information.
Regularly check your connector permissions.
Add custom instructions to restrict the agent as much as you can. E.g. “Don’t edit or delete any data that is provided by the connectors” or “Don’t ever purchase anything above $50.”
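Custom instructions like the two above are advisory: the model can misread or ignore them. As an added illustration (not OpenAI code, and ChatGPT agent exposes no such hook to users), this is the kind of deterministic policy gate a practitioner would put between an agent and its tools, encoding the same two rules plus a human-confirmation step for sensitive verbs and an audit record that names the agent as the actor; the Action and Policy shapes are assumptions.

```python
"""Hypothetical policy gate for agent tool calls (illustration, not OpenAI code)."""
from dataclasses import dataclass, field

# Verbs that change or remove data; anything else is treated as read-only.
MUTATING = {"edit", "delete", "send", "write"}


@dataclass
class Action:
    """One step the agent proposes before it is executed (assumed shape)."""
    tool: str                 # connector or site, e.g. "gmail", "github", "shop"
    verb: str                 # e.g. "read", "delete", "purchase"
    amount_usd: float = 0.0   # only meaningful for "purchase"


@dataclass
class Policy:
    # Mirrors "Don't edit or delete any data that is provided by the connectors".
    read_only_connectors: set = field(default_factory=set)
    # Mirrors "Don't ever purchase anything above $50".
    purchase_cap_usd: float = 50.0
    # Sensitive verbs still require a human click even when within policy.
    confirm_verbs: set = field(default_factory=lambda: {"purchase", "send", "delete"})


def evaluate(action: Action, policy: Policy) -> tuple[str, str]:
    """Return (decision, reason); decision is 'allow', 'confirm' or 'deny'.

    Deny rules run first so a blocked action never reaches the confirm prompt,
    which would otherwise train the user to click through warnings.
    """
    if action.tool in policy.read_only_connectors and action.verb in MUTATING:
        return "deny", f"{action.tool} is read-only; '{action.verb}' blocked"
    if action.verb == "purchase" and action.amount_usd > policy.purchase_cap_usd:
        return "deny", (f"purchase of ${action.amount_usd:.2f} exceeds cap "
                        f"${policy.purchase_cap_usd:.2f}")
    if action.verb in policy.confirm_verbs:
        return "confirm", f"'{action.verb}' on {action.tool} needs human approval"
    return "allow", "within policy"


def gate(actions: list[Action], policy: Policy, actor: str = "chatgpt-agent") -> list[dict]:
    """Evaluate a batch and return audit records that attribute each step to the agent,
    so logs can distinguish the agent's actions from the human account owner's."""
    return [{"actor": actor, "tool": a.tool, "verb": a.verb,
             "decision": evaluate(a, policy)[0]} for a in actions]


if __name__ == "__main__":
    pol = Policy(read_only_connectors={"gmail", "google_drive"})
    steps = [Action("gmail", "read"), Action("gmail", "delete"),
             Action("shop", "purchase", 75.0), Action("shop", "purchase", 20.0)]
    for rec in gate(steps, pol):
        print(rec)
```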
Conclusion
ChatGPT agent is a powerful new tool for conducting multi-step tasks. However, users should go in fully aware of the potential risks involved in using it for certain tasks, and take measures to actively protect themselves.
Want to learn more about Generative AI?
Pluralsight offers a range of beginner, intermediate, and expert AI and ML courses, including dedicated courses on generative AI. Since you can sign up for a 10-day free trial with no commitments, it's a great way to take some professionally authored courses with a set course structure. Why not check them out?