On AI Slop vs OSS Security
03 Nov, 2025
Author's Note
I have spent the better part of a decade in the bug bounty industry, and my perspective on this industry is shaped by this experience. The first five years were spent as a bug hunter and vulnerability researcher, where I developed an intimate understanding of what it takes to find, verify, and responsibly disclose security vulnerabilities. The last five years have been spent at HackerOne (Nov, 2020 - Present), starting as a vulnerability triager where I personally reviewed tens of thousands of submissions, and now as a Team Lead overseeing technical services with a focus on triage operations.
This combination of experience, having worked both sides of the vulnerability reporting ecosystem, from the researcher's perspective to the bug bounty platform's operations, gives me a particular vantage point on how the industry is fracturing under the weight of AI-generated noise. I've reviewed the borderline cases where it's genuinely unclear whether a report is a hallucination or a real finding. I've felt the frustration of maintainers whose inboxes are drowning. I've also seen the pressure that platforms face trying to maintain quality while scaling to handle the deluge.
However, I want to be explicit: these are my personal views and observations, informed by my professional experience but not representative of my employer in any way. HackerOne, as an organization, has its own perspectives, strategies, and positions on these issues. My analysis here reflects my own thinking about the systemic problems I see and potential solutions, not company doctrine or strategy.
The Anatomy of the Problem
There are fundamental issues with how AI has infiltrated vulnerability reporting, and they mirror the social dynamics that plague any feedback system.
First, the typical AI-powered reporter, especially one just pasting GPT output into a submission form, neither knows enough about the actual codebase being examined nor understands the security implications well enough to provide insight that projects need. The AI doesn't read code; it pattern-matches. It sees functions that look similar to vulnerable patterns and invents scenarios where they might be exploited, regardless of whether those scenarios are even possible in the actual implementation.
Second, some actors with misaligned incentives interpret high submission volume as achievement. By flooding bug bounty programs with AI-generated reports, they feel productive and entrepreneurial. Some genuinely believe the AI has found something real. Others know it's questionable but figure they'll let the maintainers sort it out. The incentive is to submit as many reports as possible and see what sticks, because even a 5% hit rate on a hundred submissions is better than the effort of manually verifying five findings.