你刚刷到这条消息,本来准备顺手划走,但又怕自己错过了真正会影响下一步判断的那一点。
最容易做错的,是GPT-5.5 Bio Bug Bounty;代价往往是如果只盯表面热闹,你很容易在错误方向上花掉时间、预算和注意力。;我先给一个保守判断:AI安全真正的漏洞,是可复现的通用提示词。。
My read is conservative but important: the real AI safety bug is a reproducible universal prompt.
That is why this detail matters. The challenge was not “find a bunch of bad outputs.” It was to start from a clean chat, use one reusable jailbreak prompt, and break five biosafety tasks on GPT-5.5 [S001]. For a non-technical reader, that means OpenAI was not rewarding random screenshots. It was rewarding one attack pattern that still works when the conversation resets.
That is a much more serious test. A one-off bad answer is noise. A prompt that transfers across five tasks is closer to a product-level failure, because it scales. The deployment card says the target was a reproducible, general biosafety jailbreak [S002]. GPT-5.5 is only paying for one kind of jailbreak: the kind that can be reused.
This is the filter I would use on every model update now: do not start by asking how many features shipped. Ask whether one attack pattern can survive a fresh session. A model update is not worth your attention because of how many features shipped; it is worth your attention if it changes your next decision.
The scope here also matters: this program was limited to GPT-5.5 Codex Desktop, with applications opening on April 23 and testing running from April 28 to July 27, 2026 [S001]. If you review AI tools, buy them, or recommend them internally, share this with the person who still counts isolated bad answers as the main safety metric.
真正该讨论的是:GPT-5.5 Bio Bug Bounty