
Comment by CGamesPlay

6 months ago

I'm pretty sure it's your "more positive take". It's just a mature project with many, many competent eyeballs analyzing and securing it, and correspondingly many, many more incompetent eyeballs looking to make a quick bug bounty.

> Is there an overlap between one of these tools and AI, can one substitute for the other?

AI is a crude facsimile of any tool, which is both why it's useful and why it's ineffective. In the case linked from the post, it's hallucinating function names and likely hallucinating the entire patch. This hallucination would be an annoyance for the submitter using an AI tool to discover potential security vulnerabilities, and is both an annoyance and waste of time for the maintainer who was given the hallucination in bad faith.