OpenAI's Codex Security Agent: AI Is Now Hunting Your Code's Vulnerabilities

OpenAI just dropped GPT‑5.4 — but the real story might be what they're killing off. If your team relies on a Thinking model, you've got until March 31 before pricing changes hit.

Plus — ChatGPT now lives inside your spreadsheets. We tested the hype. [SFX: RISER]

Alright, welcome to AI Dose Daily — I'm Holden Carter.

And I'm Naomi Zhao. Happy Friday, everyone.

So today we are going all in on OpenAI. This is a deep dive episode because honestly, there's too much to unpack in a quick hit.

Yeah, they shipped a lot on March fifth and the ripple effects are still landing.

Here's how we're breaking this down. Three beats. First — GPT‑5.4 itself. The model, the variants, what "Pro" versus "Thinking" actually means in practice. Second — and this is the one that should have your attention if you run a team — legacy Thinking model retirements. New pricing kicks in March thirty-first. That's ten days from now.

Ten days. And some teams don't even know their workflows are about to break.

Exactly. And then third — the Excel and Google Sheets integration. ChatGPT living inside your spreadsheets. We've had two weeks of real-world usage now since launch, so we can actually talk about whether it delivers.

Not just demo vibes — actual results.

Let's get into it.

So before we get into the actual product details, let's zoom out for a second. Because there's a reason OpenAI is shipping this aggressively right now.

Yeah, and it starts with a number. On February 27th — just six days before GPT‑5.4 dropped — OpenAI closed a hundred-and-ten-billion-dollar funding round. Led by Amazon, SoftBank, and Nvidia. Seven-hundred-and-thirty-billion-dollar pre-money valuation. AP reported it as one of the largest private tech financings ever.

That is an absurd amount of capital. And it tells you something about the pace we're in right now. The whole industry has shifted. It's no longer about who has the best benchmark score. It's about who's shipping tools that do real work — security agents, spreadsheet assistants, task automation. Agents that plug into your actual workflow.

So GPT‑5.4 isn't just a model drop — it's the first major product move after that mega-round?

Exactly. This is OpenAI showing investors and the market: here's what a hundred-and-ten-billion dollars buys you. Concrete products, shipped fast, aimed at enterprise workflows. [SFX: WOOSH]

So here's what they actually shipped on March 5th.

So OpenAI's sitting on a hundred-and-ten-billion-dollar war chest. What did they actually ship? Let's get into it.

March 5th, 2026. GPT-5.4 drops. TechCrunch covered the launch — OpenAI is positioning this as their frontier model for professional work. And it comes in two flavors: a "Pro" variant and a "Thinking" variant.

Right, and the Pro variant is your workhorse — fast, capable, built for volume. The Thinking variant is the reasoning-heavy model, the one that takes a beat to actually work through complex problems step by step.

But here's where it gets consequential for teams. OpenAI is simultaneously retiring the older-generation Thinking models. If your team built workflows around a previous reasoning model — and a lot of enterprise teams did — you need to know that new pricing structures hit March 31st. [SFX: IMPACT]

March 31st. That's ten days from now. This is OpenAI consolidating its model lineup. Fewer SKUs, cleaner tiers. Good for OpenAI's product story, potentially disruptive for teams that didn't see this coming.

And the migration isn't just flipping a switch. If you've tuned prompts, built API pipelines around a specific model's behavior — a new model version can change your outputs in subtle ways.

Now, the other big thing that shipped on March 5th — same day — ChatGPT working directly inside Excel and Google Sheets. Axios called it "an unusually concrete enterprise workflow upgrade," and I think that framing is right.

This isn't a beta. This isn't a waitlist. This shipped. You can use ChatGPT to build formulas, clean data, generate pivot tables — inside the spreadsheet you're already working in.

And the strategic play here is unmistakable. OpenAI is trying to become the default AI layer inside productivity software. That puts them in direct competition with Microsoft's own Copilot features in Excel and Google's Gemini in Sheets.

Which is wild when you remember Microsoft is an OpenAI investor. You've now got OpenAI's tool competing with its biggest backer's native product — in the same application.

That tension is only going to grow. But for users right now, the question is simple: does the spreadsheet integration actually deliver? We'll get into that.

Okay so that's what shipped. Now let's talk about what it actually means, because different people are looking at this very differently.

Yeah, let's start with the most urgent one. If you're an enterprise team that built workflows around the older Thinking models, this retirement isn't a suggestion. It's a forcing function. March 31 hits, your pricing changes, your model access changes — and if you haven't migrated, things break.

And that's not a lot of runway. We're talking ten days from now. If you've got automated pipelines, custom prompts tuned to a specific model's behavior, internal tools — all of that needs to be tested against 5.4 before the cutover.

Now here's where it gets interesting, because there are two very different ways to read OpenAI moving this fast. The acceleration camp says this is exactly what you'd expect. Anthropic raised thirty billion dollars at a three-hundred-eighty-billion-dollar valuation on February twelfth. The competitive pressure is enormous. OpenAI needs to ship cleaner product tiers, consolidate their model lineup, and move forward. Fewer SKUs, clearer pricing, faster iteration. That's how you stay ahead.

Totally fair. But the governance crowd has a real point too. If models are getting retired every few months, how do you maintain audit trails? How do you keep compliance documentation consistent? You validated your outputs on one model — now it's gone. And this matters more than ever with the EU AI Act provisions kicking in by August second.

Right, it's not theoretical. If you're serving European customers, you need to document which model produced which output. Model churn makes that harder.

And then there's the spreadsheet debate, which honestly I could go either way on. The bull case — and Axios literally called these tools "an unusually concrete enterprise workflow upgrade" — the bull case is that this is the moment AI stops being a chatbot and starts living where work actually happens. Inside the spreadsheet. Inside the workflow.

I hear that. But the skeptic in me says — formula generation, data cleanup, pivot table help — add-ons have done this for years. The question is whether OpenAI's version is meaningfully better or just more convenient.

And that's what teams need to figure out in the next few weeks. Which brings us to what you should actually do about all of this.

Okay, so let's land this. Here's what you should actually do this week.

Number one — if your team is running on a legacy Thinking model, audit your workflows now. Go through your API calls, your ChatGPT Team or Enterprise setups, and figure out exactly which ones depend on a model that's getting retired. You have ten days. March 31 is not flexible.

Number two — if you live in spreadsheets, and honestly who doesn't, try the new ChatGPT integration on one specific task. Pivot tables, formula debugging, data cleanup. Pick something small, test it, compare the output against what you're already getting from Copilot or Gemini in Sheets. Don't roll it out team-wide until you've actually benchmarked it.

And number three — if you manage AI spend, this is your moment to review pricing tiers. The Pro variant and the Thinking variant almost certainly have different per-token costs. So model choice isn't just a performance decision anymore, it's a budget decision.

Bottom line — the March 31 deadline is real, the spreadsheet tools are worth testing but not worth trusting blindly, and your finance team should be in the loop on model selection now, not later.

Alright, lightning round. Here's what else is moving in AI this week. [SFX: DRAMATIC_STING]

First up — OpenAI shipped something called Codex Security, reported March 6th and 7th. It's an application-security agent that evolved from an internal project codenamed "Aardvark," and it scans your code and proposes fixes for vulnerabilities automatically.

Anthropic acquired a Seattle-based agent automation startup called Vercept on February 25th — Vercept's own product shuts down by March 25th, and this is Anthropic going all in on computer-use and task-automation capabilities.

NVIDIA's GTC 2026 — BlueField-4 STX storage architecture, announced March 16th, targeting data-access bottlenecks during agentic AI inference. The takeaway? Storage, not just GPUs, is now the scaling constraint.

And one more — OpenAI quietly bought a health-tech startup called Torch back in January. They unify lab results, medications, visit recordings. OpenAI is building vertical workflow footholds, not just shipping models.

Four stories, four signals, all pointing the same direction — agents doing real work in real industries.

Alright, one date to remember from today's episode. March 31st. That's when legacy model retirements and the new GPT‑5.4 pricing kick in. Put it on your calendar.

Literally put it on your calendar. Right now. We'll wait.

That's our show for today. Thanks for spending part of your morning with us. If this was helpful, subscribe wherever you get your podcasts so you don't miss tomorrow's episode.

We'll be back with more. Stay sharp out there.

I'm Holden Carter.

I'm Naomi Zhao.

This is AI Dose Daily. See you tomorrow.