• AI Search
  • Cryptocurrency
  • Earnings
  • Enterprise
  • About TechBooky
  • Submit Article
  • Advertise With TechBooky
  • Contact Us
TechBooky
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
TechBooky
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Home Artificial Intelligence

OpenAI Built GPT-Red To Attack Its Own Models Before Prompt Hackers Do

Paul Balo by Paul Balo
July 16, 2026
in Artificial Intelligence, Software
Share on FacebookShare on Twitter
Share this story

Send it to someone who should read it.

f Facebook X X in LinkedIn wa WhatsApp tg Telegram @ Email

In Brief
  • OpenAI is trying to solve one of the most uncomfortable problems in the agentic AI era: the systems that help people browse, code, search files and...
  • Its answer is GPT-Red, an automated red-teaming system designed to attack AI models before real attackers do.
  • In a new research post, OpenAI says GPT-Red is trained through self-play reinforcement learning, where the attacker model is rewarded for finding valid failures such as...

OpenAI is trying to solve one of the most uncomfortable problems in the agentic AI era: the systems that help people browse, code, search files and use connected apps are also exposed to malicious instructions hidden inside the very data they read. Its answer is GPT-Red, an automated red-teaming system designed to attack AI models before real attackers do.

In a new research post, OpenAI says GPT-Red is trained through self-play reinforcement learning, where the attacker model is rewarded for finding valid failures such as prompt injections, while defender models are trained to resist them and still complete legitimate tasks. The goal is not to release a more dangerous model to the public. The goal is to use an internal attacker to make production models safer.

Prompt injection has become one of the defining security challenges for AI agents. A user may ask an assistant to summarise an email, browse a webpage or inspect a code repository, but hidden instructions inside that content can try to override the user’s actual request. For AI systems connected to files, payments, browsers and enterprise apps, that is not a theoretical risk.

OpenAI says human red teams remain important, but they do not scale well enough on their own. Human testers can find clever attacks, but they cannot generate the volume and variety of adversarial examples needed to train every new model generation. GPT-Red is meant to fill that gap by repeatedly probing models across realistic scenarios and producing training data that makes future systems more robust.

The company says GPT-Red found successful attacks in 84 percent of scenarios in a replicated indirect prompt-injection arena, compared with 13 percent for human red teamers in the same setup. OpenAI also says GPT-5.6 Sol is its most robust model to prompt injections so far, with six times fewer failures on its hardest direct prompt-injection benchmark compared with its best production model from four months earlier.

Those numbers should be read carefully because they come from OpenAI’s own tests, but they still point to a serious shift. AI safety is no longer just about blocking bad prompts from users. It is also about training models to recognise when a webpage, tool output, file or third-party system is trying to manipulate them.

This is especially relevant because AI tools are moving from chat into action. Coding agents can edit files. Browser agents can visit websites. Office agents can read documents and calendars. Customer-support agents can access account histories. Once an AI system has tools, prompt injection becomes less like spam and more like a software supply-chain problem.

A related TechBooky report looked at OpenAI’s Codex Micro control pad for managing Codex agents, a sign that AI work is becoming more operational and multi-agent. The more agents are used in real workflows, the more important it becomes to know whether they can resist hidden instructions in the materials they process.

OpenAI’s post also describes realistic case studies, including attacks against an autonomous vending-machine-like system and Codex-style agents in data-exfiltration scenarios. The point is clear: prompt injection is not simply an annoying chatbot trick. It can become a way to manipulate tools, leak information or change decisions.

The most interesting idea behind GPT-Red is the safety flywheel. If today’s AI can automatically find weaknesses in tomorrow’s AI, model developers can improve robustness faster than human teams working alone. This mirrors the way AI is already being used to improve coding, data generation and model training, but applies it to defensive testing.

There is still a trust question. The strongest red-teaming systems may themselves contain offensive capabilities, which is why OpenAI says GPT-Red is kept separate from deployed models. That separation matters because publishing too much operational detail about powerful automated attackers could help adversaries.

For businesses adopting AI agents, the lesson is practical. Do not treat prompt injection as a research curiosity. If an AI tool can read untrusted content and take actions, it needs layered defences, logging, permissions and continuous testing. GPT-Red shows that the frontier labs are taking the risk seriously because the next wave of AI will be judged not only by intelligence, but by how well it behaves when the internet tries to mislead it.

Related Reading

Explore more TechBooky stories from the latest and category sections below.

Keep Reading Smarter

Search TechBooky with AI

Use TechBooky's AI Search to explore the context behind this story and related coverage across the site.

Try AI Search
More On This Topic
Artificial Intelligence Software
Follow TechBooky

Follow TechBooky for more technology stories and newsroom updates.

f Facebook X X in LinkedIn ig Instagram wa WhatsApp

Tags: ai agentsAI safetyGPT-Redopenaiprompt injection
Paul Balo

Paul Balo

Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.

Search TechBooky
Open TechBooky AI Search Try the AI Assistant

BROWSE BY CATEGORIES

Receive top tech news directly in your inbox

subscription from
Loading

Freshly Squeezed

  • Mira Murati’s Thinking Machines Debuts Inkling, A 975B-Parameter Open-Weight AI Model July 16, 2026
  • TSMC Posts Another Record Quarter As AI Chip Demand Keeps The Boom Alive July 16, 2026
  • OpenAI Built GPT-Red To Attack Its Own Models Before Prompt Hackers Do July 16, 2026
  • South Africa’s Cue Raises US$5m To Scale AI Customer-Service Agents July 16, 2026
  • xAI Sues Grok User Accused Of Creating Illegal Deepfake Child Abuse Images July 16, 2026
  • xAI Open-Sources Grok Build After Coding-Agent Privacy Backlash July 16, 2026
  • Apple Intelligence Gets China Approval With Alibaba’s Qwen AI Inside July 16, 2026
  • OpenAI’s First Hardware Is A US$230 Control Pad For Managing Codex Agents July 15, 2026
  • AWS Security Hub Now Watches Azure As AI Workloads Become A Bigger Target July 15, 2026
  • China’s AI Companion Rules Show The Next Fight Is Emotional Dependency July 15, 2026
  • UK Wants Midnight Social Media Curfews For Older Teens As AI Chatbot Rules Loom July 15, 2026
  • ASML Raises Its 2026 Outlook Again As AI Chip Demand Keeps Surging July 15, 2026

Browse Archives

July 2026
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Jun    

Quick Links

  • About TechBooky
  • Advertise With TechBooky
  • Contact us
  • Submit Article
  • Privacy Policy
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
  • African
  • Artificial Intelligence
  • Gadgets
  • Metaverse
  • Tips
  • AI Search
  • About TechBooky
  • Advertise With TechBooky
  • Submit Article
  • Contact us

© 2025 Designed By TechBooky Elite

Discover more from TechBooky

Subscribe now to keep reading and get access to the full archive.

Continue reading

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.