OpenAI releases security research agent: can find vulnerabilities and write patches like human experts
Early on the morning of October 31st, OpenAI released a security research agent named Aardvark, marking AI's official entry into the frontline of the cybersecurity offensive and defensive battle.
Driven by the GPT-5 model, this agent can not only identify and fix software vulnerabilities like human experts but also conduct round-the-clock vulnerability hunting. It can autonomously complete the entire process from code analysis to patch generation.
As a scalable defense tool designed for modern software development environments, Aardvark is being comprehensively tested in the code repositories of OpenAI and its external partners. OpenAI reported that Aardvark has shown outstanding performance in identifying known and synthetic vulnerabilities. In the early deployment phase, it has discovered multiple previously undetected security issues.
Four-layer Defense System: From Threat Modeling to Automatic Repair
As an agent system, Aardvark can continuously monitor and analyze source code repositories. Unlike traditional tools that rely on fuzz testing or software composition analysis, it uses the reasoning ability and tool-calling function of large language models to deeply understand code behavior and identify potential vulnerabilities.
The system replicates the systematic workflow of security researchers by reading code, performing semantic analysis, writing and running test cases, and invoking various diagnostic tools.
(Image: Working principle of Aardvark)
Its operating mechanism follows a carefully designed four-stage process:
Threat Modeling: Generate a threat model that reflects the software's security goals and architectural design through comprehensive analysis of the code repository;
Code-level Scanning: Compare code changes with the threat model in the repository during the code submission process to identify potential security risks;
Verification Sandbox: Verify the exploitability of identified vulnerabilities in an isolated environment to reduce the false-positive rate of vulnerability detection;
Automatic Patching: Integrate OpenAI Codex to generate repair patches and submit them to developers for review through pull requests.
Aardvark is deeply integrated with GitHub, Codex, and mainstream development processes, providing continuous and non-intrusive security scanning services. All analysis results support manual auditing and are equipped with clear annotations to ensure the entire analysis process is fully reproducible.
Impressive Real-world Performance with an Accuracy Rate of Over 90%
According to OpenAI, Aardvark has been running in OpenAI's internal code repository and the systems of selected partners for several months. In the benchmark test of the "golden" code repository with implanted known and synthetic vulnerabilities, Aardvark successfully identified 92% of the problems.
In addition, the agent has also discovered multiple critical issues in real open-source projects, including ten high-risk security vulnerabilities with CVE numbers. All discoveries are responsibly disclosed in accordance with the latest coordinated disclosure policy.
In practice, Aardvark has also found complex errors beyond the scope of traditional security defects, including logical errors, incomplete repair issues, and privacy risks, demonstrating its broader applicability beyond security-specific scenarios.
OpenAI's Agent Strategy Begins to Take Shape
The release of Aardvark is not an isolated event but a key part of OpenAI's carefully planned agent product matrix. Notably, this is already the third agent system released by OpenAI recently.
In May 2025, OpenAI released the Codex agent, an AI programming assistant developed based on a GPT-5 variant; in July of the same year, OpenAI launched the ChatGPT agent, which has the ability to control virtual computers and browsers and create and edit office documents.
This series of actions clearly indicates that OpenAI is comprehensively transforming from "general large models" to "vertical-domain agents".
Choosing the cybersecurity field as a breakthrough also highlights OpenAI's strategic vision. In 2024 alone, more than 40,000 CVE vulnerabilities were exposed globally; OpenAI's internal data shows that 1.2% of code submissions introduce errors. This industry situation has created an urgent demand for "defense-first" AI tools.
Aardvark's positioning precisely addresses this market pain point: it is not a traditional post-hoc scanning tool but an active defense system deeply integrated into the development process.
Human-Machine Collaboration: A Force Multiplier for Security Teams
Aardvark marks a key step for OpenAI to enter the field of automated security research through agent technology. The platform deeply integrates GPT-5's language understanding ability, Codex-driven patch generation mechanism, and verification sandbox environment, providing a complete solution for modern software development teams facing increasingly complex security threats.
Although Aardvark is still in the limited testing phase, the initial performance data has shown promising application prospects. If its effectiveness can be verified in large-scale deployment, Aardvark is expected to lead a major transformation in the security protection mode of enterprises in the continuous integration/continuous deployment (CI/CD) environment.
For cybersecurity teams, Aardvark will become an important ability amplifier. Its automated verification process and auditable repair solutions will significantly alleviate the "alert fatigue" problem of security teams, enabling limited human resources to focus on more strategically valuable security decision-making work.
For AI engineers, Aardvark shows unique value in the rapidly iterative development cycle, being able to accurately identify potential errors caused by logical defects or incomplete repairs.
For teams deploying distributed AI systems, Aardvark's sandbox verification mechanism and continuous feedback loop are highly compatible with the CI/CD-based machine learning operations system; its deep integration with the GitHub workflow makes it an ideal addition to the modern AI operations technology stack.
From an industry practice perspective, Aardvark symbolizes a paradigm shift in the security operations mode. This innovative architecture heralds a new era of human-machine collaboration: security defense experts will break through the traditional limitations of human resources and achieve a leap in capabilities through in-depth collaboration with agents.
This article is from "Tencent Technology". Compiled by Jin Lu, edited by Mu Mu. Republished by 36Kr with permission.