OpenAI is rolling out two new security features for ChatGPT aimed at reducing risks as AI systems become more deeply connected to the web and external services. The company says the changes are designed to protect users and enterprise environments from emerging threats such as prompt injection attacks.
Prompt injection attacks involve malicious instructions hidden within text that attempt to manipulate a language model into revealing sensitive information or executing unintended actions. As AI tools gain access to browsers, files, and third-party apps, these types of attacks have become a growing concern for developers and organizations.
To address this, OpenAI is introducing Lockdown Mode, an optional high-security setting for ChatGPT. When enabled, Lockdown Mode restricts how the AI interacts with external systems and tools. Some integrations are disabled entirely, while web browsing is limited to cached content rather than live network requests. The company says this significantly reduces the chance that hidden instructions from external sources can influence the model.
Lockdown Mode will initially be available to enterprise customers and organizations with strict privacy requirements. OpenAI plans to expand the feature to regular consumers in the coming months.
In addition to Lockdown Mode, OpenAI is introducing clearer risk labeling across its AI tools. Features that involve higher exposure—such as those that grant network access or external integrations—will carry a visible “Elevated Risk” label. The standardized labeling will appear across ChatGPT, ChatGPT Atlas, and Codex to help users better understand potential security implications before enabling certain capabilities.
OpenAI says these updates are part of a broader effort to make AI systems safer as they become more integrated into workflows, enterprise software, and the open web.