[thierrydamiba]

Isn’t this a great use of llms?

Clone the repo in a sandbox and have the llm identify if the issues are real and the appropriate response based on severity level.

Wouldn’t be perfect but would have caught something like this.

[lq9AJ8yrfs]

I don't think I've met an llm that is adversary resistant, and here are counterparties that are actively playing the field, to put it mildly.

The bug bounty service providers did an adequate job of filtering out junk reports. There was a survivorship bias, some of the bogus ones that got through had an uncanny ability to twist words.

[joatmon-snoo]

Humans + LLMs are really good at producing enough spam to overwhelm anything like this. There’s a reason curl bans LLM slop reports now.