OpenAI's GPT-Red Automates Prompt Injection Testing to Harden AI Agents
OpenAI says the adversarial model found a new prompt-injection method and will help researchers harden defenses as agentic systems expand.
- This week, OpenAI detailed GPT-Red, an automated security tool designed to hunt for prompt injection vulnerabilities in its AI systems before public release.
- Researchers built GPT-Red using a 'self-play loop' dojo, pitting the attacker against defender models in scenarios mimicking real-world deployments like email and code editing.
- During testing, GPT-Red outperformed human red-teamers, cracking 84% of scenarios to their 13%, though effectiveness dropped below 23% against the robust GPT-5.6.
- OpenAI researcher Chris Choquette-Choo detailed the system's 'fake chain of thought' attack, where the model inserts spoofed notes to trick other systems, though the company refuses to release it publicly.
- Despite blind spots in drawn-out attacks and image-based injections, Jessica Ji, an AI security analyst at Georgetown's CSET, said human expertise remains essential for identifying remaining vulnerabilities.
28 Articles
28 Articles
OpenAI's GPT-Red automates prompt injection testing to harden AI agents
Now that AI agents are performing real tasks rather than just generating text, the old methods of manual security testing can no longer keep up. Relying on human researchers to manually discover vulnerabilities one by one is too slow for the agents. Enter GPT-Red. OpenAI on Wednesday unveiled an automated red-teaming system designed to find prompt injection vulnerabilities at a scale that would be impractical for human testers alone. While human…
OpenAI’s GPT-Red Turns AI Against Itself to Outpace Tomorrow’s Hackers
OpenAI just released details on a secret weapon. It’s an AI model built to attack other AI models. The goal? Make its own systems harder to break. GPT-Red doesn’t chat politely. It probes for weaknesses. It finds ways to slip harmful instructions past safeguards. And it does so at a scale no team of humans could match. The company detailed the project today in a blog post and a companion piece in MIT Technology Review. Why build a hacker? Becaus…
OpenAI Details GPT-Red: An Internal Automated Red-Teaming Model That Beat Human Red-Teamers 84% To 13% On Prompt Injection
This week, OpenAI published details of GPT-Red, an internal-only automated red-teaming model. Its job is to attack OpenAI’s own models and find prompt injection vulnerabilities. OpenAI gives two reasons. Human red-teaming is time-intensive and does not scale. Commonly used robustness evaluations are already saturated by its latest models. Meanwhile, the attack surface grows. Agents read third-party data through browsers, connected apps, local fi…
Coverage Details
Bias Distribution
- 75% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium







