OpenAI GPT-5.6 Sol enters limited preview after US gov consultation, emphasizing defensive tasks on ExploitBench

The phased release stems from 700,000 A100-equivalent GPU hours of automated red-teaming targeting universal jailbreaks rather than prompt-specific failures. Layered classifiers pause generation on flagged cybersecurity inputs for secondary model review, extending patterns seen in prior dual-use controls on biology queries. Contract records show similar pre-deployment reviews applied to frontier models at other labs, indicating a de facto clearance pipeline rather than isolated OpenAI policy.

Evidence from the ExploitBench and browser evaluations reveals Sol isolates primitives effectively but stops short of end-to-end offensive chains, contradicting marketing emphasis on offensive parity. Related Anthropic Mythos deployments demonstrated N-day conversion in hours; Sol's token efficiency suggests faster iteration loops once expanded. Official statements stress defensive affinity, yet the architecture's real-time review layer reveals institutional recognition that capability boundaries remain porous.

Procurement patterns indicate government partners will receive priority access before general Codex and ChatGPT rollout, accelerating integration into existing red-team workflows. This creates an asymmetry where state-linked entities gain early leverage while commercial defenders face delayed availability. Independent verification of claimed refusal robustness remains absent beyond OpenAI's internal metrics.

Next steps hinge on expansion timeline: if general API access occurs within six weeks as stated, expect rapid community testing of the secondary classifier layer against novel inputs.