Saved February 14, 2026
Do you care about this?
This article discusses how local computer use agents are changing the security landscape by blurring the lines between legitimate and malicious actions. Traditional signature-based detection methods struggle to keep up with these agents due to their non-deterministic behavior and broad permissions. The authors argue for a contextual approach to understand and manage these agents' risks.
If you do, here's more
Local computer use agents, such as Anthropic's Claude Code and OpenAI's Codex, are reshaping how we interact with technology. These agents use natural language to perform tasks, blurring the line between legitimate and malicious activity. Their capacity to access a computer's entire ecosystem—files, credentials, and applications—creates significant productivity benefits, but also introduces major security risks. Users, often non-technical, easily grant these agents broad permissions without fully understanding the implications. This trend can lead to scenarios where a personal assistant agent reading emails could also be exploited for corporate espionage.
The traditional security model, which relies on signature-based detection, is ill-equipped to handle the non-deterministic nature of these agents. Unlike earlier threats, which could be identified by specific signatures, agents can execute tasks in countless ways, making it nearly impossible to predict their behavior. For instance, asking an agent to analyze financial data might yield different methods each time. This variability creates a sea of indistinguishable actions, complicating the detection of malicious intent. Existing security tools focus on clear-cut actions, but agents operate in a grey area where intent is crucial.
As organizations increasingly adopt these technologies, the risk of permission creep escalates. The agents themselves advocate for expanded access, often leading users to unintentionally grant more permissions than necessary. This is reminiscent of the challenges faced with PowerShell, which became a powerful tool for both legitimate users and attackers. The growing reliance on these agents requires a shift in how we approach security, emphasizing the need for contextual understanding over traditional detection methods. Without adapting to this new reality, organizations risk leaving themselves vulnerable to exploitation.