alt Hacker NewsThe question still is: will enough useful stuff be included, to make it worth to dig through the slop? And how to tune the prompt to get better results.
Replies
bluGill • yesterday at 10:46 PM
That depends on how the tool is used. People who ask for a security vulnerability get slop. People who asked for deeper analysis often get something useful - but it isn't always a vulnerability.
unethical_ban • yesterday at 11:53 PM
I assume it's just like asking for help refactoring, just targeting specific kinds of errors.
I ran a small python script that I made some years ago through an LLM recently and it pointed out several areas where the code would likely throw an error if certain inputs were received. Not security, but flaws nonetheless.
ronsor • yesterday at 10:54 PM
You're either digging through slop or digging through your whole codebase anyway.
Best way to figure that out is to try it and see what happens.