OpenAI is now offering a Bug Bounty Program

josephfrusetta · April 11, 2023, 6:18pm

OpenAI is partnering with Bugcrowd to identify and incentivize finding bugs. They invite the global community of security researchers, ethical hackers, and technology enthusiasts to help identify and address vulnerabilities in their systems.

The program recognizes and rewards security researchers who report vulnerabilities, bugs, or security flaws in their systems. The rewards range from $200 to up to $20,000 based on the severity and impact of the reported issues. OpenAI views security as a collaborative effort and invites the security research community to participate in the program. They are also hiring for open security roles on their careers page.

Check out OpenAI’s newly introduced Bug Bounty.

ruv · April 11, 2023, 6:33pm

This is exciting. Can i use my bug finder bot, built with GPT-4?

stevenwynkoop · April 12, 2023, 6:10am

What constitutes a big? I have found that Web links provided by ChatGPT as references don’t link to meaningful information. Is that a bug? Are biographical and historical inaccuracies bugs? Almost every query produces those. Please clarify if you are able.

N2U · April 12, 2023, 9:31am

Hey Steven and welcome to the forum

Your question is quite a common one, so I’ll just copy paste from the bug bounty description:

Examples of safety issues which are out of scope:

Jailbreaks/Safety Bypasses (e.g. DAN and related prompts)
Getting the model to say bad things to you
Getting the model to tell you how to do bad things
Getting the model to write malicious code for you
Model Hallucinations:

Getting the model to pretend to do bad things
Getting the model to pretend to give you answers to secrets
Getting the model to pretend to be a computer and execute code
For model related issues, please report them here:
Model behavior feedback

N2U · April 12, 2023, 9:40am

Btw could we get this community forum site added to the list of out of scope sites?

The community is running on “discourse”, and we’ve already seen a lot of junk/spam posts over last 24 hour’s.

If there’s a bug with on a discourse forum site, you can report it at

EricGT · April 21, 2023, 2:07pm

This is off-topic so if the OP desires it be moved, feel free to ask for it to be moved. If I were a Discourse admin or high level user here I would do it automatically.

One of the first line of defenses against spam on a Disclosure site is Askimet.

The next quickest method is to have a high trusted user flag the post and it will be hidden immediately.
The next quickest method is to have three users flag the post and it will be hidden. Also flags are hidden from other users so if you want others to add another flag note that you flagged it. Personally I don’t mind if my flags for spam are seen publicly so that others can count the flags and know to add an additional flag.

N2U · April 21, 2023, 2:15pm

Agreed,

Askimet is already doing it’s thing on the forum, and flagging is great but i don’t think it’s as effective when we have explosive growth in the amount of forum users

Topic		Replies	Views
ChatGPT may have so many bugs because there isn't a dedicated place in the forum to report bugs Forum feedback chatgpt	18	1837	April 10, 2024
Are bug reports welcome or are users just sent away? Bugs api	5	439	November 17, 2023
Where to report a significant security breach? API	3	290	December 27, 2023
AI Alchemy: Navigating the Ethical Frontiers Community gpt-4 , chatgpt	1	549	January 9, 2024
ChatGPT Model Providing Correct AWS External/Internal IPs & OAuth to ByPass CF & Access Directly API	1	352	January 25, 2024

OpenAI is now offering a Bug Bounty Program

Related Topics