It seems to me that this sort of work is a usecase that’s actually very fitting use case for LLM agents and the like. Because they can be trained and tuned to find commonly known vulnerability patterns.

Here, something that looks like the thing is a strong signal, as long as the probability is high enough to be useful.

Remember Netflix‘ chaos monkey?