AI-slop and how it affects Open Source - join the work

Olle E Johansson

Feb 5, 2026, 3:42:44 AM
to c...@owasp.org
Hi!

Yesterday we had a long discussion about bad security reports, mostly generated with AI tools, in the OpenSSF Vulnerability Disclosures working group. Based on feedback in many talks and discussions during FOSDEM and recent actions by CURL (stopping bug bounties), we initiated some work. The core of it can be found in this GitHub issue. Please join the work and help out. The current situation adds a lot of unneeded stress to maintainers and security teams, and we need to work together to build a best current practice that they can point to and get support from.

https://github.com/ossf/wg-vulnerability-disclosures/issues/178

There will be an invitation to an open meeting to discuss this soon.

/O