OpenAI has announced the launch of an “Agent Security Researcher” called Aardvark that is powered by its GPT-5 large language model (LLM) and programmed to simulate a human expert capable of scanning, understanding, and patching code.
The artificial intelligence (AI) company said the autonomous agent is designed to help developers and security teams identify and fix security vulnerabilities at scale. It is currently available in private beta.
“Aardvark continuously analyzes source code repositories to identify vulnerabilities, assess exploitability, prioritize severity, and propose targeted patches,” OpenAI said.
It works by embedding itself in the software development pipeline, monitoring commits and changes to the codebase, detecting security problems and how they might be exploited, and proposing solutions to address them using LLM-based reasoning and tool use.
Powering the agent is GPT‑5, which OpenAI introduced in August 2025. The company describes it as a “smart, efficient model” that includes deep reasoning capabilities, courtesy of GPT‑5 thinking, and a “real-time router” to decide the right model to use based on the type of interaction, complexity, and user intent.
Aardvark analyzes a project’s codebase to generate a threat model that best represents its security objectives and design, OpenAI said. With this contextual base, the agent scans its history to identify existing issues, as well as detect new issues by examining incoming changes to the repository.
Once a potential security flaw is found, Aardvark attempts to trigger it in an isolated, sandboxed environment to confirm its exploitability, then leverages OpenAI Codex, the company’s coding agent, to generate a patch that can be reviewed by a human analyst.
OpenAI said it has been running the agent in OpenAI’s internal codebase and some of its external alpha partners, and it has helped identify at least 10 CVEs in open-source projects.
The AI upstart isn’t the only company testing AI agents to tackle automated vulnerability discovery and patching. Earlier this month, Google announced CodeMender, which it said detects, patches, and rewrites vulnerable code to prevent future exploits. The tech giant also noted that it intends to work with maintainers of critical open-source projects to integrate CodeMender-generated patches to help keep the projects secure.
Taken together, Aardvark, CodeMender, and XBOW are being deployed as tools for continuous code analysis, exploit verification, and patch generation. This comes shortly after OpenAI released the GPT-OSS-Safeguard models, which are fine-tuned for security classification tasks.
“Aardvark represents a new defender-first model: an agentic security researcher who partners with teams by providing continuous protection as code evolves,” OpenAI said. “By catching vulnerabilities early, validating real-world exploitability, and offering clear solutions, Aardvark can strengthen security without slowing innovation. We believe in expanding access to security expertise.”