OpenAI launches new Security Research Agent, Aardvark

OpenAI’s Aardvark, powered by GPT-5 and Codex, enters private beta to help software teams detect vulnerabilities and deliver patch proposals.

OpenAI has unveiled Aardvark, an agentic security researcher powered by GPT-5. Aardvark is now in private beta for select partners and is designed for software teams that require continuous vulnerability discovery and patch proposals across large codebases.

Aardvark operates as a multi-stage pipeline. It ingests entire repositories, constructs a threat model, monitors new commits, and flags issues with a step-by-step rationale. Suspected bugs are validated in a sandbox to confirm their exploitability. For fixes, it attaches a Codex-generated patch for human review and one-click merge. The tool integrates seamlessly with GitHub and existing workflows, aiming to reduce false positives by testing findings before surfacing them.

OpenAI reports that Aardvark has been used internally and by alpha partners over recent months. On benchmarked “golden” repositories, Aardvark identified 92% of known and synthetic vulnerabilities. The system has also disclosed issues in open-source projects, with ten findings assigned CVE IDs. OpenAI has updated its outbound disclosure policy and plans to offer pro-bono scanning for select non-commercial open-source software projects.

OpenAI positions Aardvark within its defender-first security efforts, backed by GPT-5 and Codex. The company highlights months of internal deployment, updated disclosure practices, and a plan to broaden access after the private beta demonstrates reliability at scale.
