OpenAI’s “Patch the Planet” is a new initiative to help open-source maintainers find, validate, and fix security vulnerabilities with AI support and human review.
What it does
The program pairs OpenAI’s cyber tools with security engineers from Trail of Bits to investigate suspicious code, confirm real issues, develop patches, and coordinate disclosure. OpenAI says the effort is part of its Daybreak security push and uses tools including Codex Security and GPT-5.5-Cyber to support defensive workflows.
Projects involved
Early participating projects include cURL, Python, the Go project, aiohttp, Sigstore, and pyca/cryptography. Trail of Bits says the initiative has already produced hundreds of bug findings across 19 open-source projects and has merged 37 patches so far.
Why it matters
The goal is to reduce the burden on overworked maintainers and make it easier to move from bug discovery to real fixes. In practice, that means faster triage, more reliable patches, and reusable security workflows for critical software ecosystems.