Particle.news

OpenAI Launches Patch the Planet to Help Fix Open‑Source Bugs

The program pairs AI models with human engineers, provides six months of paid tooling access to maintainers, and delivers validated patches to reduce backlog from AI-driven vulnerability reports.

Overview

  • OpenAI announced Patch the Planet on Monday, June 22, 2026, a partnership with security firm Trail of Bits and others to give free security consulting and tooling to under‑resourced open‑source projects.
  • Organizers say the first-week sprint identified hundreds of security issues and produced dozens of patches across more than 30 projects, including cURL, Python, Go, pyca/cryptography, Sigstore and aiohttp.
  • The effort combines human engineers with updated tools: a limited Trusted Access model called GPT‑5.5‑Cyber used for authorized security work and an improved Codex Security plugin that can scan code, generate patches and run tests.
  • Trail of Bits ran a five‑day opening sprint with about 25 engineers. The program supplies participants with six months of ChatGPT Pro, six months of Codex Security access, subsidized compute (OpenAI cites 20 trillion tokens) and reusable testing infrastructure.
  • The initiative aims to ease maintainers’ burden from a surge in low‑quality automated bug reports while governments press companies to restrict advanced cyber capabilities and industry rivals compete over security model performance.