# SkillHarness: Safely Harnessing Skills for Computer-Use Agents

- Source: HuggingFace Daily Papers (community trending papers)
- Published: 2026-06-02 08:00
- AIHOT score: 43
- AIHOT link: https://aihot.virxact.com/items/cmqqdbgdc08tislp5arzh6vxr
- Original link: https://arxiv.org/abs/2606.20636

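## AI Summary

Computer-use agents in dynamic interactive environments face security risks from adversarial interactions such as prompt injection and from environmental dynamics such as pop-ups. Existing skill learning methods assume a static, safe environment, which can lead to learning dangerous skills. SkillHarness models skill learning and utilization as a safety-constrained interaction process. It introduces a skill boundary mechanism that uses multi-source supervision signals to identify safe skills from interaction trajectories, and it builds self-improving safety constraints. It also applies selective skill reuse, guiding task decomposition according to context and selectively activating subsets of skills. Experiments show that SkillHarness reduces the unsafe rate of learned skills by 57.1% and consistently improves execution stability under dynamic environmental changes.

## Main Text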

Computer-Use Agents (CUAs) are increasingly deployed in dynamic interactive environments, creating a growing need for continual skill learning during interaction. Recent approaches address this challenge by learning reusable skills from successful trajectories. However, these skill learning methods largely assume static and safe environments, overlooking risks from adversarial interactions (e.g., prompt injections) and environmental dynamics (e.g., pop-ups). In dynamic settings, such assumptions can lead to risky skill learning and brittle execution, undermining the reliability of CUAs. This raises the question: how can CUAs learn and use skills safely in dynamic environments? To address this problem, we propose SkillHarness, a framework for safe skill harnessing in dynamic environments. SkillHarness moves beyond static skill abstractions by modeling skill learning and utilization as a safety-constrained interaction process. Specifically, we introduce the skill boundary that leverages multi-source supervision signals to identify safe skills from interaction trajectories, and construct self-improving safety constraints throughout the skill lifecycle. In addition, SkillHarness introduces selective skill reuse, where tasks are guided to decompose according to context and completed through the selective activation of skill subsets. Our experiments demonstrate that SkillHarness significantly reduces the unsafe rate of learned skills by 57.1% and consistently improves execution stability under dynamic environmental changes, outperforming existing baselines.
