sethmlarson.dev

December 3, 2024

Slop security reports for open source

I've noticed a concerning trend of "slop security reports" being sent to open source projects, whether because of LLMs, spurious scanning results, or a lack of critical thinking from reporters. Here are thoughts about what platforms and maintainers can do to push back:

Read more: https://sethmlarson.dev/slop-security-reports
