A university student discovers a bug bounty announcement for an open-source project and immediately feeds the codebase into a large language model. Within seconds, the model produces a plausible-sounding report and a matching pull request. This scene is repeating thousands of times across GitHub, where the traditional flow of community contribution is being displaced by a flood of meaningless text and erroneous bug reports. Maintainers are finding their review queues clogged by automated submissions built to chase rewards rather than improve software, turning maintenance into a battle against noise.

The Architecture of a High-Stakes Bounty

Turso, the project rewriting SQLite, established a rigorous reward system to shake out reliability bugs ahead of the Turso 1.0 launch. The program offered a $1,000 payout to anyone who could discover and prove a bug that led to data corruption. Because data integrity is the primary value proposition of a database, the team did not accept bare reports; it demanded a reproducible technical proof of the failure.

To minimize bugs before the bounty even began, Turso deployed an extensive testing stack: a deterministic simulator to reproduce edge cases, a fuzzer to inject random input, and an oracle-based differential testing engine that compares results against SQLite. They augmented this with a concurrency simulator and Antithesis, a platform that finds bugs in complex systems by exploring large state spaces. Despite this infrastructure, the team acknowledged that testing is never exhaustive. They specifically sought human ingenuity to find the gaps the simulators missed, such as corruption triggers that only manifest in databases exceeding 1GB in size.
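To make the oracle-based, deterministic approach concrete, here is an added example (not code from the article or from Turso) of a seed-driven differential harness in Python. SQLite, via the standard library sqlite3 module, plays the oracle; a deliberately tiny in-memory key/value engine, ToyEngine, is an assumed stand-in for the system under test, and its buggy flag injects a rollback defect so the harness has something to find. Because every operation is drawn from random.Random(seed), a divergence found for a given seed replays exactly, which is what turns a failing run into the kind of reproducible technical proof the bounty asked for.

```python
import random
import sqlite3

# Added example: seed-driven differential testing against SQLite as oracle.
# ToyEngine is an illustrative stand-in for a system under test; it is not
# Turso's code and not a real database.


class ToyEngine:
    """Integer key -> integer value store with BEGIN/COMMIT/ROLLBACK."""

    def __init__(self, buggy=False):
        self.rows = {}
        self.snapshot = None
        self.buggy = buggy  # when True, ROLLBACK forgets to undo work

    def begin(self):
        self.snapshot = dict(self.rows)

    def commit(self):
        self.snapshot = None

    def rollback(self):
        if not self.buggy:  # the injected defect skips the restore
            self.rows = self.snapshot
        self.snapshot = None

    def upsert(self, k, v):
        self.rows[k] = v

    def delete(self, k):
        self.rows.pop(k, None)

    def total(self):
        return sum(self.rows.values())


def run_campaign(seed, steps, buggy=False):
    """Replay `steps` random operations from `seed` against both engines.
    Returns the 1-based index of the first divergent step, or 0 if none."""
    rng = random.Random(seed)  # fixed seed => identical trace on every run
    oracle = sqlite3.connect(":memory:", isolation_level=None)  # autocommit
    oracle.execute("CREATE TABLE t (k INTEGER PRIMARY KEY, v INTEGER)")
    sut = ToyEngine(buggy=buggy)
    in_txn = False
    for step in range(1, steps + 1):
        op = rng.choice(["upsert", "upsert", "delete", "begin", "commit", "rollback"])
        k, v = rng.randint(0, 7), rng.randint(-100, 100)  # small key space => collisions
        if op == "upsert":
            oracle.execute("INSERT OR REPLACE INTO t VALUES (?, ?)", (k, v))
            sut.upsert(k, v)
        elif op == "delete":
            oracle.execute("DELETE FROM t WHERE k = ?", (k,))
            sut.delete(k)
        elif op == "begin" and not in_txn:
            oracle.execute("BEGIN")
            sut.begin()
            in_txn = True
        elif op in ("commit", "rollback") and in_txn:
            oracle.execute(op.upper())
            getattr(sut, op)()
            in_txn = False
        else:
            continue  # BEGIN inside a txn or COMMIT/ROLLBACK outside one: skip
        # Compare observable state after every applied step.
        expected = oracle.execute("SELECT COALESCE(SUM(v), 0) FROM t").fetchone()[0]
        if expected != sut.total():
            return step
    return 0


if __name__ == "__main__":
    print("correct model, first divergence:", run_campaign(1234, 500))
    print("buggy model, first divergence:", run_campaign(1234, 500, buggy=True))
```

run_campaign returns 0 when both engines agree after every step, otherwise the index of the first step where they disagree; the same seed and flag always give the same index, so a report can cite the seed instead of attaching a log. Comparing only SUM(v) is a deliberately weak oracle to keep the example short; a real harness compares full result sets and, for a file-backed engine, the on-disk image (for example with PRAGMA integrity_check) after every commit.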

This high barrier to entry initially worked. The program rewarded five individuals who provided genuine value. These included Alperen, a core contributor to the simulator; Mikael, who used LLMs creatively to explore areas the simulator could not reach; and Pavan Nambi, who employed formal methods—mathematical logic used to verify software correctness—to uncover more than 10 bugs within SQLite itself.

From Technical Proof to AI Slop

The nature of the contributions shifted as the accessibility of LLMs increased. Previously, claiming a bounty required the contributor to extend the simulator or provide a reproducible technical proof, a process that naturally filtered for high-skill developers. However, the project recently saw a surge in what is now termed slop: low-quality, AI-generated content designed to mimic the appearance of a technical contribution without providing any actual substance.

These AI-driven submissions typically follow a pattern of random probing. Some pull requests overwrote database header bytes with random garbage and claimed the resulting corruption was a critical vulnerability; a file corrupted from outside the engine says nothing about whether the engine corrupts its own data, which is what the bounty paid for. Others took a more absurd route, reporting the fact that SQL statements execute inside a SQL database as a security flaw. These submissions are almost always accompanied by a wall of text, the characteristic verbosity of LLMs, which forces maintainers to sift through paragraphs of confident but incorrect reasoning to find the core claim.
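The header-garbage class of report is easy to reproduce and easy to dismiss once you see what the engine does with such a file. The following Python script is an added example, not code from the article or from Turso: it builds a healthy database with the standard library sqlite3 module, records that PRAGMA integrity_check reports "ok" and that the file starts with the documented magic string, then overwrites the first bytes out of band the way the slop PRs did and captures the engine's response. Function names and the fixture are mine.

```python
import os
import sqlite3
import tempfile

# Added example: what "random garbage in the header" actually produces.
# SQLite checks the 16-byte magic "SQLite format 3\0" at offset 0 of page 1
# and rejects the file with SQLITE_NOTADB. That is intended behaviour, not
# the engine corrupting data.

HEADER_MAGIC = b"SQLite format 3\x00"


def make_db(path):
    """Constructed fixture: a small table with known content."""
    con = sqlite3.connect(path)
    with con:
        con.execute("CREATE TABLE t (id INTEGER PRIMARY KEY, val TEXT)")
        con.executemany("INSERT INTO t (val) VALUES (?)", [("a",), ("b",), ("c",)])
    con.close()


def clobber_header(path, n_bytes=16):
    """Overwrite the first n bytes of the closed file, bypassing the engine."""
    with open(path, "r+b") as f:
        f.write(b"\xff" * n_bytes)


def tamper_outcome(n_bytes=16):
    """Return integrity and magic state before tampering, and the engine's
    error message (or None) when the tampered file is queried afterwards."""
    path = os.path.join(tempfile.mkdtemp(), "demo.db")
    make_db(path)

    con = sqlite3.connect(path)
    integrity = con.execute("PRAGMA integrity_check").fetchone()[0]  # "ok"
    con.close()
    with open(path, "rb") as f:
        magic_ok = f.read(16) == HEADER_MAGIC

    clobber_header(path, n_bytes)

    # sqlite3.connect is lazy; page 1 is read on the first statement.
    con = sqlite3.connect(path)
    try:
        con.execute("SELECT count(*) FROM t").fetchone()
        error = None
    except sqlite3.DatabaseError as e:  # SQLITE_NOTADB surfaces here
        error = str(e)
    finally:
        con.close()

    return {"integrity_before": integrity, "magic_before": magic_ok, "error_after": error}


if __name__ == "__main__":
    print(tamper_outcome())
```

The bounty's bar is the opposite direction: start from a file the engine itself wrote, drive it only through SQL and legitimate I/O, and show that integrity_check (or a differential read against SQLite) comes back with anything other than "ok". A report that cannot point to that transition is noise, however long its explanation.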

One particularly illustrative case involved a report about concurrent writes. The AI-generated PR claimed it was a bug that, once concurrent writes were implemented, a database file could not be opened unless the journal mode was set to WAL (write-ahead logging). In reality, this is a fundamental design characteristic of SQLite, not a bug. The maintainers found themselves spending most of their engineering hours closing nonsensical pull requests rather than fixing actual software defects.
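As an added example (not from the article or from Turso), the following Python script observes SQLite's own locking rules, which are the kind of design behaviour that PR misread as a defect. It uses only the standard library sqlite3 module and a temporary file (WAL needs a real file, not :memory:); the function names are mine. With the default rollback journal, a writer holding an EXCLUSIVE lock shuts readers out; in WAL mode readers keep reading. In both modes only one connection may hold a write transaction at a time.

```python
import os
import sqlite3
import tempfile

# Added example: SQLite's concurrency model under the two journal modes,
# measured rather than asserted. timeout=0 makes a lock conflict fail
# immediately with SQLITE_BUSY ("database is locked") instead of waiting.


def fresh_db(journal_mode):
    """Create a file-backed database in the requested journal mode."""
    path = os.path.join(tempfile.mkdtemp(), "locks.db")
    con = sqlite3.connect(path, isolation_level=None)  # autocommit
    mode = con.execute(f"PRAGMA journal_mode={journal_mode}").fetchone()[0]
    assert mode.lower() == journal_mode.lower(), f"mode not applied: {mode}"
    con.execute("CREATE TABLE t (x INTEGER)")
    con.execute("INSERT INTO t VALUES (1)")
    con.close()
    return path


def connect(path):
    return sqlite3.connect(path, timeout=0, isolation_level=None)


def locked(fn):
    """Run fn(); True if it failed with SQLITE_BUSY, False if it succeeded."""
    try:
        fn()
        return False
    except sqlite3.OperationalError as e:
        if "locked" in str(e):
            return True
        raise


def concurrency_matrix(journal_mode):
    """Return (reader_blocked, second_writer_blocked) while one connection
    holds an open EXCLUSIVE write transaction."""
    path = fresh_db(journal_mode)
    writer = connect(path)
    writer.execute("BEGIN EXCLUSIVE")  # in WAL mode this behaves like IMMEDIATE
    writer.execute("INSERT INTO t VALUES (2)")
    reader = connect(path)
    writer2 = connect(path)
    try:
        reader_blocked = locked(lambda: reader.execute("SELECT count(*) FROM t").fetchone())
        writer2_blocked = locked(lambda: writer2.execute("BEGIN IMMEDIATE"))
    finally:
        writer.execute("ROLLBACK")
        for c in (writer, reader, writer2):
            c.close()
    return reader_blocked, writer2_blocked


if __name__ == "__main__":
    for mode in ("DELETE", "WAL"):
        print(mode, "(reader blocked, second writer blocked) =", concurrency_matrix(mode))
```

Expected on any stock SQLite: DELETE gives (True, True) and WAL gives (False, True). A submission that presents either row as a vulnerability is reporting the documented locking protocol; a real concurrency bug would be a reader observing a half-written transaction, or two writers both believing they committed, and the proof would be a seeded trace that reproduces it.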

The transition from high-effort technical proofs to low-effort AI noise transformed the bounty program from an asset into a liability. While cash incentives are a classic motivator for security researchers, they now act as a beacon for automated scripts that prioritize volume over validity.

Financial incentives in the era of generative AI have shifted from rewarding expertise to subsidizing the production of noise.