Meet Aardvark, OpenAI’s Security Agent for Code Analysis and Patching
Why It Matters
Aardvark brings agentic AI into software security, providing continuous, workflow‑embedded vulnerability detection and auto‑patching that can cut manual effort and speed remediation for enterprises. Its strong early performance signals a shift toward AI‑augmented security teams and tighter protection of the software supply chain.
Summary
OpenAI has launched Aardvark, a GPT‑5‑powered autonomous security‑researcher agent, now in private beta, that continuously analyzes code, validates exploits and generates patches. The agent follows a four‑stage pipeline (threat modeling, commit‑level scanning, sandbox validation and automated patching) integrated with GitHub and Codex. It reportedly identified 92% of seeded vulnerabilities and uncovered ten new CVEs in open‑source projects. Early deployments show high recall, low false‑positive rates and the ability to surface complex logic and privacy bugs beyond traditional scanners. The beta is limited to GitHub Cloud users, with code excluded from model training and optional pro‑bono scans for selected open‑source repos.