{"id":"https://openalex.org/W7127268268","doi":"https://doi.org/10.48550/arxiv.2602.01725","title":"SafePred: A Predictive Guardrail for Computer-Using Agents via World Models","display_name":"SafePred: A Predictive Guardrail for Computer-Using Agents via World Models","publication_year":2026,"publication_date":"2026-02-02","ids":{"openalex":"https://openalex.org/W7127268268","doi":"https://doi.org/10.48550/arxiv.2602.01725"},"language":null,"primary_location":{"id":"pmh:doi:10.48550/arxiv.2602.01725","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"publisher-specific-oa","license_id":"https://openalex.org/licenses/publisher-specific-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":null,"any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5124962463","display_name":"Yurun Chen","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Chen, Yurun","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5124893590","display_name":"Zeyi Liao","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Liao, Zeyi","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108239964","display_name":"Ping Yin","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yin, Ping","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5124914993","display_name":"Taotao Xie","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xie, Taotao","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100956154","display_name":"Keting Yin","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yin, Keting","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5124899336","display_name":"Shengyu Zhang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhang, Shengyu","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5124962463"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.37549999356269836,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.37549999356269836,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.1647000014781952,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13295","display_name":"Safety Systems Engineering in Autonomy","score":0.028699999675154686,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.5831000208854675},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5055000185966492},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.4943000078201294},{"id":"https://openalex.org/keywords/pruning","display_name":"Pruning","score":0.4706999957561493},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.4023999869823456},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.3370000123977661}],"concepts":[{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.7366999983787537},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.5831000208854675},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5070000290870667},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5055000185966492},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.4943000078201294},{"id":"https://openalex.org/C108010975","wikidata":"https://www.wikidata.org/wiki/Q500094","display_name":"Pruning","level":2,"score":0.4706999957561493},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.4023999869823456},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.36320000886917114},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.3370000123977661},{"id":"https://openalex.org/C2164484","wikidata":"https://www.wikidata.org/wiki/Q5170150","display_name":"Core (optical fiber)","level":2,"score":0.33160001039505005},{"id":"https://openalex.org/C2777093003","wikidata":"https://www.wikidata.org/wiki/Q6508345","display_name":"Lead (geology)","level":2,"score":0.27459999918937683},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.26489999890327454},{"id":"https://openalex.org/C61797465","wikidata":"https://www.wikidata.org/wiki/Q1188986","display_name":"Term (time)","level":2,"score":0.2644999921321869},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.2624000012874603}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:doi:10.48550/arxiv.2602.01725","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"publisher-specific-oa","license_id":"https://openalex.org/licenses/publisher-specific-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},{"id":"doi:10.48550/arxiv.2602.01725","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2602.01725","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:doi:10.48550/arxiv.2602.01725","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"publisher-specific-oa","license_id":"https://openalex.org/licenses/publisher-specific-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"},"sustainable_development_goals":[{"score":0.6166480183601379,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"With":[0],"the":[1,36,88,103,153,160,164],"widespread":[2],"deployment":[3],"of":[4,106,163,171],"Computer-using":[5],"Agents":[6],"(CUAs)":[7],"in":[8],"complex":[9],"real-world":[10],"environments,":[11],"prevalent":[12],"long-term":[13,58,145,175],"risks":[14,47,110,192],"often":[15],"lead":[16,64,183],"to":[17,65,77,132,167,184,224],"severe":[18],"and":[19,144,174,179,201,218],"irreversible":[20],"consequences.":[21],"Most":[22],"existing":[23],"guardrails":[24,42,84],"for":[25,125,155],"CUAs":[26,126],"adopt":[27],"a":[28,51,71,98,121,129],"reactive":[29,83,228],"approach,":[30,101,117],"constraining":[31],"agent":[32,135],"behavior":[33],"only":[34],"within":[35,87],"current":[37,89,112],"observation":[38,90],"space.":[39,91],"While":[40],"these":[41,94],"can":[43,63],"prevent":[44],"immediate":[45],"short-term":[46,173],"(e.g.,":[48,73],"clicking":[49],"on":[50,115],"phishing":[52],"link),":[53],"they":[54],"cannot":[55,85],"proactively":[56],"avoid":[57],"risks:":[59],"seemingly":[60],"reasonable":[61],"actions":[62,181],"high-risk":[66,185,211],"consequences":[67],"that":[68,127,182,207],"emerge":[69],"with":[70,102,111,227],"delay":[72],"cleaning":[74],"logs":[75],"leads":[76],"future":[78,109],"audits":[79],"being":[80],"untraceable),":[81],"which":[82],"identify":[86],"To":[92],"address":[93],"limitations,":[95],"we":[96,118],"propose":[97],"predictive":[99,122],"guardrail":[100,123],"core":[104],"idea":[105],"aligning":[107],"predicted":[108,191],"decisions.":[113],"Based":[114],"this":[116],"present":[119],"SafePred,":[120],"framework":[124],"establishes":[128],"risk-to-decision":[130],"loop":[131],"ensure":[133],"safe":[134,195],"behavior.":[136],"SafePred":[137,158,208],"supports":[138],"two":[139],"key":[140],"abilities:":[141],"(1)":[142],"Short-":[143],"risk":[146,156],"prediction:":[147],"by":[148,222],"using":[149],"safety":[150,216],"policies":[151],"as":[152],"basis":[154],"prediction,":[157],"leverages":[159],"prediction":[161],"capability":[162],"world":[165],"model":[166],"generate":[168],"semantic":[169],"representations":[170],"both":[172],"risks,":[176],"thereby":[177],"identifying":[178],"pruning":[180],"states;":[186],"(2)":[187],"Decision":[188],"optimization:":[189],"translating":[190],"into":[193],"actionable":[194],"decision":[196],"guidances":[197],"through":[198],"step-level":[199],"interventions":[200],"task-level":[202],"re-planning.":[203],"Extensive":[204],"experiments":[205],"show":[206],"significantly":[209],"reduces":[210],"behaviors,":[212],"achieving":[213],"over":[214],"97.6%":[215],"performance":[217],"improving":[219],"task":[220],"utility":[221],"up":[223],"21.4%":[225],"compared":[226],"baselines.":[229]},"counts_by_year":[],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2026-02-04T00:00:00"}