As advancements across the AI industry leave critical open-source projects at increasing risk of falling behind, OpenAI announced on Monday that it is launching an initiative known as Patch the Planet. This project was founded in partnership with the research-focused security firm Trail of Bits and in collaboration with vulnerability management firms HackerOne and Calif.
Providing Sustainable Support
The project has begun offering free security consulting services to open-source maintainers to help them identify and fix vulnerabilities, strengthen their code bases, and incorporate AI security tools into their development processes. According to Trail of Bits CEO and co-founder Dan Guido, Patch the Planet is designed to help the open-source community harness the benefits of AI coding tools while managing the risks effectively.
Reducing the Maintenance Burden
Open-source developers, who often manage widely used software with limited resources, are increasingly struggling to keep up with bug reports. The rise of AI-powered vulnerability hunting has created a backlog of low-quality reports, distracting maintainers from critical flaws. OpenAI’s cyber tech lead, Fouad Matin, noted that the goal is to make the process as efficient as possible by offsetting costs and managing code assessments. OpenAI has already subsidized 20 trillion tokens for both open-source and private code usage through its Codex Security scanner.
Measuring Progress and Performance
More than 30 open-source projects are currently participating, with dozens of patches produced in the first week alone. While competitor Anthropic recently faced setbacks after being forced to pull its Fable 5 and Mythos 5 models from the market due to cybersecurity concerns, OpenAI continues to develop its limited Trusted Access for Cyber program. OpenAI’s new GPT-5.5-Cyber model now scores 85.6 percent on the CyberGym benchmark, outperforming Anthropic’s Mythos 5, which scored 83.8 percent.
Future-Proofing Cyber Resilience
The Five Eyes intelligence alliance recently warned that frontier AI models are fundamentally transforming cyber capabilities at a rapid pace. To support long-term resilience, Patch the Planet provides participants with six months of free ChatGPT Pro and Codex Security. Beyond patching, Trail of Bits is training maintainers to use custom agents to manage their own code bases, so that they can operate faster and more securely in the future.