Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

Open source project curl is sick of users submitting “AI slop” vulnerabilities

⁨32⁩ ⁨likes⁩

Submitted ⁨⁨3⁩ ⁨weeks⁩ ago⁩ by ⁨leo@lemmy.linuxuserspace.show⁩ to ⁨news@lemmy.linuxuserspace.show⁩

https://arstechnica.com/gadgets/2025/05/open-source-project-curl-is-sick-of-users-submitting-ai-slop-vulnerabilities/

source

Comments

Sort:hotnewtop
  • GreenKnight23@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

    IMO repo owners should remove the ownership of all contributions from a contributor if they have been found abusing the project with AI.

    TBH I’ll probably be slapping a few warnings on my own projects along those lines.

    source
    • Ephera@lemmy.ml ⁨3⁩ ⁨weeks⁩ ago

      In this case, it’s about vulnerability reports, not about vulnerable code being contributed. There’s a bounty for any found vulberability in Curl, and then because telling an AI to try to find a vulnerability is essentially free, you’ll have lots of people looking to make a quick buck by just reporting whatever the AI spat out, no matter how nonsensical it is.

      source