OpenAI has announced the launch of an “Agent Security Researcher” that leverages the GPT-5 Large-Scale Language Model (LLM) and is programmed to emulate human experts who can scan, understand, and patch code.
called aardvarkThe artificial intelligence (AI) company said its autonomous agents are designed to help developers and security teams report and remediate security vulnerabilities at scale. Currently available as a private beta.
“Aardvark continuously analyzes source code repositories to identify vulnerabilities, assess exploitability, prioritize severity, and recommend targeted patches,” OpenAI said.
It works by embedding itself into the software development pipeline, monitoring commits and changes to the codebase, detecting security issues and how they can be exploited, and suggesting fixes to address the issues using LLM-based reasoning and tooling.
Powering this agent is GPT‑5, which OpenAI introduced in August 2025. The company describes it as a “smart, efficient model” that features deeper inference capabilities with GPT‑5 thinking and a “real-time router” that determines the appropriate model to use based on conversation type, complexity, and user intent.
OpenAI says Aardvark analyzes a project’s codebase and generates a threat model that it believes best represents its security goals and design. Using this contextual foundation, the agent not only scans the history to identify existing issues, but also scrutinizes changes received in the repository to detect new issues.
Once we find a potential security flaw, we trigger it in an isolated sandbox environment to check for exploitability and leverage our coding agent, OpenAI Codex, to create a patch that can be reviewed by human analysts.
OpenAI said the agent runs on OpenAI’s internal codebase and some external alpha partners and has helped identify at least 10 CVEs in open source projects.
AI startups aren’t the only companies experimenting with AI agents to tackle automated vulnerability detection and patching. Earlier this month, Google announced CodeMender, which detects, patches, and rewrites vulnerable code to prevent future exploits. The tech giant also said it intends to work with maintainers of important open source projects to integrate CodeMender-generated patches to ensure their projects are secure.
From that perspective, Aardvark, CodeMender, and XBOW are positioned as tools for continuous code analysis, exploit verification, and patch generation. It also comes close to the release of OpenAI’s gpt-oss-safeguard model, which is fine-tuned for safety classification tasks.
“Aardvark represents a new defender-first model, with agent-based security researchers partnering with teams to provide continuous protection as their code evolves,” OpenAI said. “By discovering vulnerabilities early, verifying real-world exploitability, and providing clear fixes, Aardvark can strengthen security without slowing innovation. We believe we can expand access to security expertise.”
