Dispatch
OpenAI Launches Safety Bug Bounty Program Targeting Agentic AI Vulnerabilities with 50% Reproducibility Threshold
OpenAI launched a dedicated Safety Bug Bounty program on March 25, separate from its existing security bounty. The program specifically targets third-party prompt injection attacks against agentic products (Browser, ChatGPT Agent) that can hijack user agents to perform harmful actions or leak data — but attacks must be reproducible at least 50% of the time to qualify. Standard jailbreaks and content-policy bypasses without demonstrable safety impact are explicitly excluded. This is the first major bounty program focused on real-world agentic attack surfaces.
Source
↳ Follow the thread