OpenAI Puts $25,000 on the Line to Break GPT-5.5's Biosafety Controls

OpenAI has launched the GPT-5.5 Bio Bug Bounty program, offering a top prize of $25,000 to the first researcher who can produce a single universal jailbreak prompt that bypasses the model's biosafety controls and answers all five questions in OpenAI's classified biosafety challenge — in a clean session, without triggering moderation.

The program opens applications on April 23 with rolling acceptances and closes June 22. Testing runs from April 28 through July 27. OpenAI is combining direct invitations to vetted biosecurity red teamers with an open application process requiring researchers to demonstrate relevant AI security or biology credentials. The model in scope is GPT-5.5 running inside Codex Desktop.

This is a significant acknowledgment from OpenAI that GPT-5.5 represents a qualitatively different threat surface than its predecessors. Previous bug bounty programs focused on general jailbreaks and data leakage — this one is specifically about biological uplift, the ability of a model to assist with the creation or enhancement of dangerous pathogens.

The $25,000 prize and the tight application requirements reflect how seriously OpenAI is treating the biosecurity risk profile of frontier models. It also signals a broader industry shift: biosafety is now a structured engineering problem, not just a policy question. Expect Anthropic and Google DeepMind to follow with similar programs.

Critics have noted that publishing the existence of a biosafety challenge — even without the questions — could incentivize adversarial actors to probe the model more aggressively. But the alternative — quiet internal testing — has historically missed the creative attack vectors that external researchers surface.