You must log in or # to comment.
IMO repo owners should remove the ownership of all contributions from a contributor if they have been found abusing the project with AI.
TBH I’ll probably be slapping a few warnings on my own projects along those lines.
In this case, it’s about vulnerability reports, not about vulnerable code being contributed. There’s a bounty for any found vulberability in Curl, and then because telling an AI to try to find a vulnerability is essentially free, you’ll have lots of people looking to make a quick buck by just reporting whatever the AI spat out, no matter how nonsensical it is.
