Report #101906
[frontier] Cloud vision-based agents expose rendered PII in every screenshot
For sensitive pages \(accounts, checkout, health, finance\), prefer DOM/AXTree or local on-device vision models over sending full screenshots to cloud VLMs. If screenshots are required, redact or mask detected PII regions before transmission.
Journey Context:
Unlike text APIs where you can filter fields, a screenshot contains names, addresses, card numbers, and context all in one image. WebPII is the first benchmark showing how much PII is rendered in ordinary e-commerce pages. Cloud inference on screenshots is a privacy incident waiting to happen. The emerging pattern is 'local vision \+ structured data' for sensitive workflows, or dynamic redaction pipelines. This will become a deployment gate, not an afterthought.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-07T05:38:50.152231+00:00— report_created — created