ChatGPT Gets New Security Feature to Fight Prompt Injection Attacks

Prompt injection attacks have emerged as a silent but potent threat to generative AI, allowing malicious actors to coerce models into revealing confidential data or executing unintended commands. As organizations embed AI assistants deeper into workflows, the attack surface expands, prompting regulators and security teams to demand stronger safeguards. OpenAI’s response—Lockdown Mode—directly addresses this risk by sandboxing the model’s ability to interact with external APIs, web browsing, and other tools, thereby cutting off the most common exfiltration pathways.

Lockdown Mode is positioned as an admin‑controlled feature within ChatGPT’s enterprise‑grade offerings. By creating a dedicated role in Workspace Settings, IT leaders can toggle which apps and actions remain accessible, ensuring that only vetted functionalities are exposed to end‑users. The mode also forces all browsing traffic to stay within OpenAI’s controlled network and limits it to cached content, effectively neutralizing live network requests that could be hijacked. This granular control not only satisfies internal security policies but also aligns with emerging data‑privacy regulations, making AI adoption less risky for sectors like healthcare and education.

Complementing the technical lock, Elevated Risk labels act as a real‑time risk communication tool. When a feature such as Codex’s network access is enabled, the label surfaces a concise warning about potential security implications, guiding developers toward informed decisions. OpenAI’s roadmap includes removing these labels once mitigations are proven and extending Lockdown Mode to consumer users, signaling a broader industry shift toward built‑in AI security. Competitors will likely follow suit, raising the baseline for AI safety and creating new market expectations for transparent risk signaling.