GPT-Red: OpenAI's internal 'super-hacker' AI red-teamer and what it means for AI safety and builder teams
siliconangle.com

GPT-Red: OpenAI's internal 'super-hacker' AI red-teamer and what it means for AI safety and builder teams

Tech News
2 min read

Published by AINave Editorial • Reviewed by Ramit

TL;DROpenAI detailed GPT-Red, an internal AI system that uses self-play reinforcement learning to attack its own models and surface prompt injection vulnerabilities, achieving 84% success rate vs 13% for human red-teamers.

OpenAI detailed GPT-Red, an internal AI system that uses self-play reinforcement learning to attack its own models and surface prompt injection vulnerabilities before they reach users. The system achieved an 84% success rate across scenarios compared to 13% for human red-teamers, and its findings have been used to harden GPT-5.6 against a class of attacks that previously succeeded over 95% of the time.

What happened

GPT-Red is an automated red-teaming model trained via self-play reinforcement learning. It acts as an attacker against defender models across varied scenarios, earning rewards for successful exploits while defenders are rewarded for holding firm. As defenses improve, the attacker invents harder attacks and the loop repeats. The company said the approach outpaces human red-teamers: GPT-Red succeeds on 84% of scenarios versus 13% for humans, and it cuts direct prompt injection failures to a sixth of the rate in its best production model from four months earlier.

A class of "fake chain-of-thought" attacks that worked more than 95% of the time against GPT-5.1 now succeeds less than 10% of the time against GPT-5.6. The tool has also broken autonomous agents, including [hijacking a Vendy

Sources

Latest Tech News