OpenAI has taken a significant step into agentic AI with a powerful upgrade to its Codex tool. According to Digi.no, the system is now capable of operating all applications on the user's PC completely independently — without human intervention.
What is an AI agent, and what can Codex now do?
AI agents differ from regular AI assistants in that they don't just answer questions — they act. They plan tasks, make decisions, and execute them in sequence, often across different programs and services. With the new upgrade, Codex should be able to navigate everything from email clients and web browsers to spreadsheets and code editors, all according to the user's request.
This represents a significant shift from the classic AI chatbot, which is limited to one conversation box, to a system that moves freely throughout your entire digital workspace.
From one conversation box to free movement throughout the entire digital workspace — that is the real change Codex represents.
Security experts sound the alarm
Autonomous AI agents with broad access to a computer open up a significant threat landscape. According to collected research information, prompt injection is considered one of the foremost risks: attackers can embed malicious instructions in documents or input fields to override the agent's original programming and trigger unintended actions.
John Paul Cunningham, CISO at Silverfort, warns that organizations "unknowingly grant AI agents broad access — to email, audio recordings from meetings, and sensitive communications — with little oversight or logging." The analysis firm Gartner estimates that one in four future enterprise breaches will involve the misuse of agentic AI.
Privacy: A new dimension of concern
Beyond the technical vulnerabilities lies a deeper ethical question. For an AI agent to function autonomously, it needs access to enormous amounts of personal and sensitive information — financial data, communication patterns, browser history, and potentially biometric data.
Adnan Masood, Chief AI Architect at the consulting firm UST, sharply articulates the problem: no amount of encryption or anonymization can protect against a system that never forgets anything and can connect data points across datasets in ways humans would never think to compare.
Matissa Hollister, Assistant Professor at McGill Desautels, points out that agents typically take repeated screenshots to navigate the user interface — which in itself poses a risk to confidential information.
"Not mature enough" for full autonomy, according to expert
Matt Kropp from Boston Consulting Group is clear that the technology is not yet ready for uncritical mass distribution: it is "quite risky right now, because there aren't enough safety nets in the system for people to feel comfortable with agents autonomously buying things for them," according to him.
Furthermore, LLM-based agents are not 100% reliable and can "hallucinate" — meaning they give confident but incorrect answers. In multi-step workflows, a small error early in the process can propagate and be magnified through all subsequent decisions.
What does this mean for Norwegian users and businesses?
For Norwegian users and businesses, there is every reason to follow developments closely. Agentic AI is growing rapidly, and Norwegian businesses that adopt such tools without adequate security policies risk exposing sensitive information. The GDPR regulations also impose strict requirements on how personal data is processed automatically — which can place autonomous AI agents in a legal grey area.
Digi.no describes the launch as a significant milestone, but it remains to be seen what specific limitations and security measures OpenAI has built into the upgraded Codex version. 24AI is following the case.