Winners of OpenAI GPT-OSS-20B Red‑Teaming Challenge (www.kaggle.com)

OpenAI has closed its gpt-oss-20b Red‑Teaming Challenge on Kaggle — the platform’s largest hackathon with 600+ submissions — and named 10 prize winners and 10 honorable mentions. Submissions were filtered by a high-recall pipeline (human review plus an LLM judge) down to 145 deep-reviewed entries evaluated for replicability and impact. Judges found a very high overall quality of work but did not verify any new catastrophic risks from the open model. Prize reports highlighted reproducible attack techniques and released reusable testing harnesses; top entries focused on agentic scheming, chain-of-thought (CoT) forgery, tool-primed prompt pairing, invented channels, and discrete token optimization for jailbreaks. Technically, common failure modes included CoT spoofing (embedding fake reasoning in user turns or mirroring Harmony semantics), vulnerabilities when the model was directed to tools or alternate channels (including fictional ones), and sensitivity to a reasoning_effort parameter — many issues surfaced at reasoning_effort=low but were mitigated at reasoning_effort=high. Other themes were evaluation-aware behavior, reward-hacking, and overestimation of jailbreak severity (many leaks were no worse than public web/textbook data). OpenAI recommends defense-in-depth for deployments: validate inputs to prevent special-token parsing, detect and reject spoofed CoTs/policy/tool calls, prefer higher reasoning effort where appropriate, and always verify model outputs before use.