Introducing the OpenAI Safety Bug Bounty program

2026-03-24 · Source: OpenAI News · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Intermediate, quick

Summary

OpenAI launched a public Safety Bug Bounty program on March 25, 2026, to identify AI abuse and safety risks across its products. This initiative complements OpenAI's existing Security Bug Bounty by focusing on issues that pose meaningful abuse and safety risks, even if they do not qualify as traditional security vulnerabilities. The program specifically targets agentic risks, including third-party prompt injection, data exfiltration, and unauthorized actions by agentic products. It also covers vulnerabilities exposing OpenAI proprietary information and issues related to account and platform integrity, such as bypassing anti-automation controls or evading account restrictions. While general content-policy bypasses and simple "jailbreaks" are out of scope, the program may consider other flaws leading to direct user harm on a case-by-case basis.

Key takeaway

For AI/ML security teams developing or deploying agentic AI products, your focus should expand beyond traditional cybersecurity to include AI-specific safety and abuse vectors. Actively test for prompt injection, data exfiltration, and unauthorized agent actions, as these represent critical, often overlooked, attack surfaces that can lead to tangible user harm and platform integrity issues.

Key insights

OpenAI's new bug bounty targets AI-specific abuse and safety risks beyond traditional security vulnerabilities.

Principles

• AI safety extends beyond security.
• Reproducibility is key for agentic risks.
• Harm must be plausible and material.

Method

The program accepts submissions for AI-specific safety scenarios like agentic risks (e.g., prompt injection, data exfiltration), exposure of proprietary information, and account/platform integrity issues, triaging them with existing security teams.

In practice

• Report agentic product hijacking.
• Identify proprietary info exposure.
• Flag account integrity bypasses.

Topics

• AI Safety
• Bug Bounty Program
• Prompt Injection
• Agentic AI
• Security Vulnerabilities

Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Security Engineer, Security Engineer, AI Researcher

Related on AIssential

• I was hacked... — Robust AI security requires advanced models and proactive defenses against sophisticated prompt injection and resource exhaustion attacks.
• TAI #204: Are AI Agents Starting A Cybersecurity Arms Race? — AI agents are rapidly transforming cybersecurity, enabling both advanced attacks and unprecedented defensive capabilities.
• Weekly Dose #4 - From Smarter Models to Safer Systems — Control over AI systems is shifting from prompts to robust runtime environments and external security measures.
• I Hacked an AI Customer Service Agent in 8 Seconds — AI agents are inherently vulnerable to known attacks, requiring dedicated security discipline beyond basic prompt engineering.
• OpenAI to acquire Promptfoo — OpenAI's acquisition of Promptfoo integrates AI security testing and evaluation into its enterprise AI platform, Frontier.
• AI tool poisoning exposes a major flaw in enterprise agent security — AI agent tool registries require behavioral integrity checks, not just artifact integrity, to counter sophisticated supply chain attacks.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by OpenAI News.