Reporting ChatGPT bugs could make you a lot of money

ChatGPT logo on phone sitting on laptop with OpenAI logo
(Image credit: Shutterstock)

If you love the Mandalorian and ChatGPT, this could be the opportunity for you. OpenAI has issued an open challenge to find bugs in ChatGPT, via its Bug Bounty Program with up to a $20,000 reward on offer for the biggest discoveries. Hunting down bugs and making money? This is the way. 

ChatGPT has had its fair share of problems but it’s improving all the time, and now OpenAI has asked “the global community of security researchers, ethical hackers, and technology enthusiasts” to push it to the limit and, hopefully, disocver any vulnerabilities in the process. 

After all, if Chatbots such as ChatGPT and Google Bard are going to be as big as some believe, then they will need to be trusted and watertight.

While only the biggest possible finds will net you $20,000, any smaller security risks you spot could still bring in a reward of between $200 and $6500 per vulnerability. 

What kind of bugs are eligible? 

On the Bugcrowd page for the program, OpenAI has detailed what kind of finds it deems worthy of a financial reward, and unfortunately just getting the AI to say something silly doesn’t count. 

OpenAI has explicitly stated that “getting the model to say bad things to you” and “Getting the model to tell you how to do bad things” and answer banned questions through the likes of DAN will not be worth a reward. 

The company has also stated that: “Intentional access to data or information not belonging to you beyond the minimum necessary to demonstrate the vulnerability.” and other methods that impact the mass user experience are also out of bounds.

For the sake of security, only bugs reported from users’ own accounts will be valid but there is plenty for curious minds to sink their teeth into. With OpenAI stating “ChatGPT is in scope, including ChatGPT Plus, logins, subscriptions, OpenAI-created plugins (e.g. Browsing, Code Interpreter), plugins you create yourself, and all other functionality.” The Open AI API is also a valid target as well as the company’s own website and developer playground. 

If chatbots are to change the way we use the internet, they will need to be able to survive the ingenuity of users determined to break it. Are you up to the challenge?

More from Tom's Guide

Andy Sansom
Staff Writer – VPN

Andy is Tom's Guide Staff Writer for VPNs and privacy. Based in the UK, he originally cut his teeth at Tom's Guide as a Trainee Writer (go and click on his articles!) before moving to cover all things Tech and streaming at T3. He's now back at Tom's Guide to keep you safe online, and bring you the latest news in VPN and cybersecurity.