
This week, OpenAI published details of GPT-Red, an internal-only automated red-teaming model. Its job is to attack OpenAI’s own models and find prompt injection vulnerabilities. OpenAI gives two reasons. Human red-teaming is time-intensive and does not scale. Commonly used robustness evaluations are already saturated by its latest models. Meanwhile, the attack surface grows. Agents read third-party data through browsers, connected apps, local files, and tools. Those affordances are
GPT-Red is an automated model designed to find security vulnerabilities in AI systems by attempting prompt injection attacks, where malicious instructions are hidden in data that the AI reads. The model was trained using self-play reinforcement learning, where it learns to craft increasingly sophisticated attacks while defender models learn to resist them. In testing, GPT-Red succeeded in finding vulnerabilities at much higher rates than human red-teamers and discovered a previously unknown attack method involving fake chain-of-thought entries. This matters because AI agents increasingly access external data through browsers, apps, and tools, creating expanding attack surfaces that human testing cannot efficiently cover, making automated red-teaming essential for safety before deployment.

Strong retrieval performance matters for AI systems that need to find and use information reliably for complex tasks.

The FT reports Kimi K3 will be the largest open AI model from China, with a parameter count between 2 trillion and 3 trillion.

Newer AI models continue outperforming older ones, suggesting the performance gap widens rather than plateaus.
Want to go deeper than the news? Explore live, cohort-based AI courses taught by practitioners.
Browse AI courses on Maven