OpenAI: tool glitch and UI automation
OpenAI reported a security issue tied to a third-party developer tool called Axios and said user data was not accessed. A separate report showed OpenAI’s Codex using Adobe Lightroom like a human to denoise 50 photos without an API or plugin, demonstrating UI-level automation rather than formal integrations. (reuters.com) (businessinsider.com)
OpenAI said on April 10 that a security issue tied to a third-party developer tool did not expose user data, even as it pushed macOS app updates. (openai.com) The company said the issue involved Axios, a developer tool caught up in a broader industry incident, and that it found no evidence its systems, intellectual property, or software were altered. Reuters reported the disclosure on April 11. (openai.com) (reuters.com) OpenAI said it was rotating the certificates that help macOS verify an app is a legitimate OpenAI program, a step that can force users to install updated versions of ChatGPT and other OpenAI apps. CNBC reported the company was updating its security certifications after the Axios issue. (openai.com) (cnbc.com) A software certificate is a digital ID card that tells a computer who made an app and whether it has been tampered with. When a company worries that signing tools may be at risk, replacing those certificates is a way to keep fake apps from passing as real ones. (openai.com) In a separate April report, Business Insider said OpenAI’s Codex used Adobe Lightroom to denoise 50 photos without an application programming interface, or built-in software bridge, and without a plugin. The system reportedly operated the program through its buttons and menus the way a person would. (businessinsider.com) That is a different kind of automation from the usual model, where software companies expose formal hooks for other tools to call. Here, the agent appears to have worked at the screen level, reading the interface and taking actions inside Adobe’s app instead of connecting through an official integration. (businessinsider.com) (openai.com) OpenAI markets Codex as an agent for long-running engineering work across tools, codebases, and cloud environments. The Lightroom example suggests those agents are also being tested on everyday desktop software that was not designed for direct machine-to-machine access. (openai.com 1) (openai.com 2) Put together, the two developments land on the same pressure point: companies want agents that can act across real software, while also tightening the security checks that decide which software is trusted to run. OpenAI’s response this week was to harden trust on the macOS side while showing how far tool use can extend on the automation side. (openai.com) (businessinsider.com)
