Months and months of safety preparations

We take the risk of bio-misuse very seriously but also deeply care about advancing frontier biology research with our models. Will continue to iterate on both ends!

We've updated our safeguards to be both more robust and precise, but you may still see that highly detailed dual use biology requests are being blocked. That's why we've introduced our Life Science Special Access program to Enterprise accounts.

Our safeguard report can be found in our system card

GPT-5 with thinking is another model we are treating as High capability under the preparedness framework. We've activated biorisk safeguards in ChatGPT, like the ones in ChatGPT agent, and some new ones in the API. https://t.co/azqAfScsIo

Feeling grateful this morning to be pushing the frontier. 🥰

what a banger of a week over here

1/N I’m excited to share that our latest @OpenAI experimental reasoning LLM has achieved a longstanding grand challenge in AI: gold medal-level performance on the world’s most prestigious math competition—the International Math Olympiad (IMO).

tip for chatgpt agent slides: first ask it to do the research only, then ask it to make the slides!

Securing AI bio capabilities extends beyond any one lab. We’ll continue researching, collaborating, and sharing what we learn. Read the full details in our detailed system card. https://t.co/03YahP3l5c

Because keeping models safe is an always-on process, we’re launching a bio bug bounty to identify jailbreaks so that we can address them quickly.

We also hosted a Biodefense workshop with government, NGOs and national labs to foster collaboration, discuss risk mitigation strategies, and supercharge biodefense research with AI.

We ran 1000s of hours of red-teaming with global experts, including biology PhDs and jailbreakers. We worked with UK AISI, our Red Teaming Network and https://t.co/ad5HH18joa to harden our defenses.

We provided the US CAISI and the UK AISI with access to the model for red-teaming of our bio risk safeguards, using targeted queries to stress-test our models and monitors.

Accordingly, we’ve designed and deployed our deepest safety stack yet with multi-layered mitigations: - Expert-validated threat model - Conservative dual-use refusals for risky content - Always-on safety classifiers - Streamlined enforcement & robust monitoring

This is a pivotal moment for our Preparedness work. Before we reached High capability, Preparedness was about analyzing capabilities and planning safeguards. Now, for Agent and future more capable models, Preparedness safeguards have become an operational requirement.

We ran a suite of preparedness evaluations to test the model’s capabilities. While we do not have definitive evidence that this model could meaningfully help a novice to create severe biological harm, we have chosen to take a precautionary approach and activate safeguards now.

“High capability” is a risk-based threshold from our Preparedness Framework. We classify a model as High capability if, before any safety controls, it could significantly lower barriers to bio misuse—even if risk isn’t certain.

We’ve activated our strongest safeguards for ChatGPT Agent. It’s the first model we’ve classified as High capability in biology & chemistry under our Preparedness Framework. Here’s why that matters–and what we’re doing to keep it safe. 🧵

1/ Our models are becoming more capable in biology and we expect upcoming models to reach ‘High’ capability levels as defined by our Preparedness Framework. 🧵