"What Did It Actually Do?": Understanding Risk Awareness and Traceability for Computer-Use Agents

"What Did It Actually Do?": Understanding Risk Awareness and Traceability for Computer-Use Agents | Signal Canvas | ScienceToStartup

Page Freshness

Signal Canvas proof surface

Canonical route: /signal-canvas/what-did-it-actually-do-understanding-risk-awareness-and-traceability-for-computer-use-agents

stale

Proof freshness: stale
Proof status: unverified
Display score: 4/10
Last proof check: 2026-03-31
Score updated: 2026-04-02
Score fresh until: 2026-05-02
References: 20
Source count: 3
Coverage: 50%

This page is showing the last landed evidence receipt and score bundle because the latest proof data is outside the freshness window.

Agent Handoff

Canonical ID what-did-it-actually-do-understanding-risk-awareness-and-traceability-for-computer-use-agents | Route /signal-canvas/what-did-it-actually-do-understanding-risk-awareness-and-traceability-for-computer-use-agents

REST example

curl https://sciencetostartup.com/api/v1/agent-handoff/signal-canvas/what-did-it-actually-do-understanding-risk-awareness-and-traceability-for-computer-use-agents

MCP example

{
  "tool": "search_signal_canvas",
  "arguments": {
    "mode": "paper",
    "paper_ref": "what-did-it-actually-do-understanding-risk-awareness-and-traceability-for-computer-use-agents",
    "query_text": "Summarize \"What Did It Actually Do?\": Understanding Risk Awareness and Traceability for Computer-Use Agents"
  }
}

source_context

{
  "surface": "signal_canvas",
  "mode": "paper",
  "query": "\"What Did It Actually Do?\": Understanding Risk Awareness and Traceability for Computer-Use Agents",
  "normalized_query": "2603.28551",
  "route": "/signal-canvas/what-did-it-actually-do-understanding-risk-awareness-and-traceability-for-computer-use-agents",
  "paper_ref": "what-did-it-actually-do-understanding-risk-awareness-and-traceability-for-computer-use-agents",
  "topic_slug": null,
  "benchmark_ref": null,
  "dataset_ref": null
}

Evidence Receipt

Route status: building

Claims: 8

References: 20

Proof: Verification pending

Freshness state: computing

Source paper: "What Did It Actually Do?": Understanding Risk Awareness and Traceability for Computer-Use Agents

PDF: https://arxiv.org/pdf/2603.28551v1

Source count: 3

Coverage: 50%

Last proof check: 2026-03-31T20:22:25.553Z

Signal Canvas receipt window

Not build-ready: "What Did It Actually Do?": Understanding Risk Awareness and Traceability for Computer-Use Agents

/buildability/what-did-it-actually-do-understanding-risk-awareness-and-traceability-for-computer-use-agents

Ignoreblocked

Subject: "What Did It Actually Do?": Understanding Risk Awareness and Traceability for Computer-Use Agents

Verdict

Ignore

Verdict is Ignore because current viability and proof state do not clear the buildability gate.

Preparing verified analysis

GitHub Code Pulse

No public code linked for this paper yet.

Claim map

Strong 8Mixed 0Weak 0

Evidencepartial
Our findings suggest that participants often recognized these systems as risky in the abstract, but lacked concrete mental models of what skills can do, what resources agents can access, and what changes may remain after execution or removal.
Implicationpartial
Directly stated in the abstract as a key finding from the interview study, though specific quantitative results are not provided in the given text.
Verificationpartial
partial
Evidencepartial
Yet users often do not know what authority they have delegated, what the agent actually did during task execution, or whether the system has been safely removed afterward.
Implicationpartial
Explicitly and directly stated as the core problem in the abstract.
Verificationpartial
partial
Evidencepartial
280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII... Snyk Finds Prompt Injection in 36%
Implicationpartial
Directly referenced from a cited security research blog with specific numbers (280+ leaky skills, 36% prompt injection rate).
Verificationpartial
partial
Evidencepartial
A scenario-based evaluation suggests that traceability-oriented interfaces can improve understanding of agent behavior, support anomaly detection, and foster more calibrated trust.
Implicationpartial
Claim is presented as a finding from a scenario-based evaluation, but the specific evaluation results are not detailed in the provided text.
Verificationpartial
partial
Evidencepartial
Unlike conventional chatbots, these systems can install skills, invoke tools, access private resources, and modify local environments on users' behalf.
Implicationpartial
Explicitly and directly stated as a defining characteristic in the abstract.
Verificationpartial
partial
Evidencepartial
We investigate this gap as a combined problem of risk understanding and post-hoc auditability
Implicationpartial
Directly stated as the framing of the research problem in the abstract.
Verificationpartial
partial
Evidencepartial
people often begin verification by reconstructing what the AI actually did before deciding whether the result is correct.
Implicationpartial
Supported by a direct quote citing prior work (Gu et al.) that aligns with the paper's core thesis.
Verificationpartial
partial
Evidencepartial
We first build a multi-source corpus of the OpenClaw ecosystem... We then conduct an interview study to examine how users and practitioners understand...
Implicationpartial
Explicitly stated in the abstract as the methods used.
Verificationpartial
partial

Author intelligence and commercialization panels stay hidden until the proof receipt is verified, cites at least 3 references, includes at least 2 sources, and clears 50% coverage. The paper narrative and citation surfaces remain public while verification is pending.

"What Did It Actually Do?": Understanding Risk Awareness and Traceability for Computer-Use Agents

Use Signal Canvas as the narrative proof surface

Use this Signal Canvas via API or MCP

Signal Canvas proof surface