Comment by ofjcihen
14 hours ago
Been running into the same issue since a week or 2 ago on Opus.
To be fair, I have a pretty loose harness and pattern, but it’s been enough to pull in 20k in bounties a month for a long time without going over plan with very little steering (sometimes days of continuous work).
That being said I’ve figured this was coming for a long time and have been slowly moving to local models. They’re slower but with the right harnesses and setup they’re still finding much the same amount in bounties.
You're really completing bug bounties with AI? Are companies honoring these?
Yeah, definitely. To be fair, before LLMs I was a security researcher for years, so with that experience I was more or less able to replicate most of an acceptable process (even up to report generation).
I still review and make a decision about every report though.
In contrast, I think a lot of people are just pointing agents at websites and then telling them to create and send a report, which is a great way to produce trash and a ban.