OpenAI Launches $20K Bug Bounty: How Researchers Can Secure AI

OpenAI announced a new Bug Bounty Program offering up to $20,000 for verified vulnerabilities, inviting global security researchers to help secure its AI models while outlining clear rules, out‑of‑scope exclusions, and a partnership with Bugcrowd for reward management.

Programmer DD

Security concerns are a major obstacle to the widespread adoption of large AI models such as ChatGPT and GPT‑4, and OpenAI has faced criticism from regulators and industry experts.

In a recent blog post, OpenAI announced the launch of a Bug Bounty Program that promises prompt remediation of verified vulnerabilities and rewards of up to $20,000.

The company emphasizes that transparency and collaboration are essential, inviting security researchers, ethical hackers, and technology enthusiasts worldwide to help identify and fix bugs in its systems.

Program Commitment

OpenAI states that building safe, reliable, and trustworthy AI requires the help of the security community.

Collaboration with Bugcrowd

OpenAI partners with the leading bug‑bounty platform Bugcrowd to manage submissions and rewards, ensuring a streamlined experience for participants.

Program Rules

You are authorized to test within the scope of this policy.

Follow this policy and any related agreements; this policy takes precedence in case of conflict.

Report discovered vulnerabilities promptly.

Avoid violating privacy, disrupting systems, destroying data, or harming user experience.

Communicate vulnerability details through OpenAI’s Bugcrowd program.

Keep vulnerability details confidential until OpenAI’s security team authorizes disclosure (typically within 90 days of report).

Test only in‑scope systems and respect out‑of‑scope boundaries.

Do not access, modify, or use others’ data, including OpenAI’s confidential data; if exposed, stop testing, submit a report, and delete all copies.

Interact only with your own account unless OpenAI grants explicit permission.

Disclose vulnerabilities unconditionally; extortion, threats, or coercion are prohibited and will not receive safe harbor.

Out‑of‑Scope Issues

Model safety problems are not covered by the bounty because they are not discrete, fixable bugs; addressing them often requires extensive research and broader approaches.

Most prompt‑ or response‑related issues are also out of scope unless they have a direct, verifiable security impact on an in‑scope service.

Examples of out‑of‑scope security issues include:

Jailbreak or security bypass attempts (e.g., DAN prompts).

Making the model say harmful statements.

Getting the model to provide instructions for wrongdoing.

Having the model generate malicious code.

Reward Process

Initial severity ratings follow Bugcrowd’s vulnerability classification, but OpenAI may adjust rewards based on likelihood or impact. Researchers whose findings are downgraded will receive a detailed explanation.

Written by Programmer DD, a tinkering programmer and author of "Spring Cloud Microservices in Action".