OpenAI launches ChatGPT agent to carry out tasks

On Thursday, Microsoft (NASDAQ:MSFT)-backed OpenAI launched an AI agent for its chatbot ChatGPT.

The company said ChatGPT can now do work for users using its own computer, handling complex tasks from start to finish.

The ChatGPT agent brings together three strengths of earlier breakthroughs — Operator’s⁠ ability to interact with websites, deep research’s⁠ skill in synthesizing information, and ChatGPT’s intelligence and conversational fluency, according to the company.

The ChatGPT agent started rolling out on Thursday to Pro, Plus, and Team. Pro received access by the end of the day, while Plus and Team users will get access over the next few days, the company added.

Enterprise and Education users will get access in the coming weeks.

OpenAI noted that it is still working on enabling access for the European Economic Area and Switzerland.

The company said ChatGPT requests permission before taking actions of consequence, and a user can interrupt, take over the browser, or stop tasks at any point.

A user can activate ChatGPT’s new agentic capabilities directly through the tools dropdown from the composer by selecting ‘agent mode’ at any point in any conversation.

OpenAI said this release marks the first time users can ask ChatGPT to take actions on the web. This introduces new risks, particularly because ChatGPT agent can work directly with a user’s data, whether it’s information accessed through connectors or websites that a user has logged into via takeover mode.

The company said that it has added safeguards for challenges such as handling sensitive information on the live web, broader user reach, and (limited) terminal network access. However, while these mitigations significantly reduce risk, ChatGPT agent’s expanded tools and broader user reach mean its overall risk profile is higher, according to the company.

In addition, OpenAI has implemented mitigations such as Explicit user confirmation: ChatGPT is trained to explicitly ask for user permission before taking actions with real-world consequences, like making a purchase; Active supervision (Watch Mode): Certain critical tasks, like sending emails, require a user’s active oversight; and proactive risk mitigation: ChatGPT is trained to actively refuse high-risk tasks such as bank transfers.

The model also has OpenAI’s most comprehensive safety stack to date with enhanced safeguards for biology — threat modeling, dual-use refusal training, always-on classifiers and reasoning monitors, and clear enforcement pipelines.