Thought Leadership
May 19, 2026

What Is "AI Slop" in Security? A Plain-Language Guide to AI-Generated Vulnerability Reports

How AI-generated vulnerability noise is overwhelming maintainers—and reshaping the future of open source security.


If you've spent any time around open source security in the last six months, you've probably seen the phrase "AI slop" — usually thrown around with some exasperation by maintainers, security researchers, or bug bounty program managers. It's not a technical term, but it's becoming a real one, because it describes a real problem.

Here's what it means, why it matters, and what it's doing to the open source security ecosystem.

What "AI slop" means in a security context

In open source security, "AI slop" refers to vulnerability reports that were generated or substantially assisted by an AI tool, where the output looks plausible at a surface level but doesn't hold up under verification. The vulnerability described might not actually exist. The reproduction steps might not work. The "exploit" might be a theoretical concern that's not actually exploitable in any real-world configuration. Or the report might just be a hallucinated description of a bug that doesn't reflect anything in the actual codebase.

The term seems to have entered widespread security usage in mid-2025, when curl creator Daniel Stenberg published a piece titled "Death by a thousand slops" describing the experience of triaging a flood of low-quality AI-generated submissions to the curl bug bounty program.

The key word is plausible. AI slop isn't obviously bad. If it were, it would be easy to filter out. The problem is that LLMs are good enough at writing security report prose that the noise is increasingly indistinguishable from signal until a human maintainer puts in the work to verify it.

Why AI slop is a structural problem, not just an annoyance

The economics of AI slop are what make it dangerous to the ecosystem. Three asymmetries are stacking up at once:

The cost of generating a report has collapsed. An AI tool can produce a structured, professional-looking vulnerability report in seconds. The cost to the submitter is essentially zero.

The cost of verifying a report has not changed. A maintainer still has to read the report, understand the claim, check the code, attempt reproduction, evaluate exploitability, and make a triage decision. That work is human-bottlenecked and expensive in time and attention.

The incentive to submit has, in some cases, increased. Bug bounties, CVE attribution, and resume-building all reward report volume. AI lowers the floor on who can plausibly submit.

The result is that maintainers, who are mostly volunteers running these projects on personal time, are getting buried under a queue of reports that takes hours or days to triage and may turn out to be worthless. Daniel Stenberg's public accounting of the curl bug bounty pegged AI slop at roughly 20% of submissions in 2025, with only about 5% of all submissions turning out to be genuine vulnerabilities. In January 2026, curl ended its bug bounty program — Stenberg explicitly cited the unsustainable cost of triaging AI-generated noise as a major factor.

That is the leading edge of a much broader problem.

Is all AI-generated security work "slop"?

No, and this is important. The slop label specifically describes low-quality, unverified, or hallucinated reports. AI-assisted vulnerability research that produces verified, reproducible, real CVEs is a different category, and it's also accelerating fast.

A clear example: while curl was being overrun with low-quality submissions, the AI security research firm AISLE used their own AI tooling to identify 12 of 12 CVEs in a single curl release, plus 15 verified CVEs across late 2025 and early 2026 — all upstreamed and accepted by the maintainers. The same general capability — AI scanning codebases for vulnerability patterns — is producing both ends of the quality spectrum simultaneously.

Anthropic's release of Claude Mythos and similar AI vulnerability discovery capabilities will only intensify this divergence. Some operators will use these tools responsibly, with verification, reproduction, and clear disclosure. Others will spray reports at every project they can find, hoping volume produces a hit.

The maintainers are stuck in the middle, trying to tell which is which.

What AI slop means for enterprises consuming open source

If you run open source in production — which is to say, if you run software at all — AI slop affects you indirectly but materially. Three things to understand:

1. The maintainers behind your dependencies are operating in a degraded environment. Their attention is being eaten by triage work that produces no patches. That means real vulnerabilities take longer to address. The signal-to-noise ratio in your CVE feed is getting worse.

2. Some maintainers will respond by withdrawing. Bug bounties will shut down (curl already has). Some projects will become harder to report to. Some will go quiet. Each of these is a downstream risk for anyone depending on those libraries.

3. The CVE record itself becomes noisier. As the volume of disclosures rises, the proportion that get fully scored, enriched, and contextualized falls. According to Sonatype's 2026 State of the Software Supply Chain report, the global CVE count has doubled in five years while the number of unscored CVEs has grown 37x. AI-generated reports are pouring fuel on that fire.

What can actually be done about it

A few things are starting to take shape:

Maintainer-side AI tooling is catching up. The same kind of automation that generates slop can, in principle, help maintainers triage faster — pattern-matching reports against codebases, flagging duplicates, identifying obviously hallucinated claims. This is early but promising.
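The two cheapest checks named above, "does the report cite code that actually exists in the tree" and "is it a near-duplicate of something already in the queue", do not need an LLM at all. The following Python script is an added illustration, not tooling from this page, from curl, or from HeroDevs. It assumes a constructed in-memory miniature codebase and three constructed sample reports, uses regular expressions to pull cited paths and function names out of free-text reports, and uses the standard library's difflib ratio as a stand-in for whatever similarity measure a real queue would use. The output is a list of triage hints to order the queue by, not a verdict on validity; a report with no flags still needs a human to reproduce it.

```python
"""Pre-triage hints for incoming vulnerability reports (added example, not project code).

Two checks a maintainer can run before spending reproduction time:
  1. claim check  - do the file paths and functions the report cites exist in the tree?
  2. duplicate check - is the report a near-copy of one already in the queue?
"""
import re
from difflib import SequenceMatcher

# Constructed miniature "codebase" (path -> source text); not a real project.
CODEBASE = {
    "lib/url.c": "int parse_url(const char *s, struct url *out) { /* ... */ }\n"
                 "static int url_scheme(const char *s) { /* ... */ }\n",
    "lib/http.c": "int http_send(struct conn *c, const char *buf, size_t len) { /* ... */ }\n",
}

# Constructed sample reports: [0] is plausible, [1] is a reworded copy of [0],
# [2] cites a file and a function that do not exist anywhere in the tree.
REPORTS = [
    "Heap overflow in parse_url() in lib/url.c when the scheme part of the URL "
    "is longer than the fixed buffer.",
    "Heap buffer overflow in parse_url() in lib/url.c when the scheme part of "
    "the URL is longer than the fixed buffer.",
    "Use-after-free in free_conn_buffer() in lib/conn.c after http_send() fails.",
]

# Something that looks like a function call, e.g. "parse_url(" -> parse_url
IDENT_RE = re.compile(r"\b([A-Za-z_][A-Za-z0-9_]*)\s*\(")
# Something that looks like a source path with a recognised extension, e.g. lib/url.c
PATH_RE = re.compile(r"\b([\w./-]+\.(?:c|h|cc|cpp|py|go|rs|js))\b")


def index_symbols(codebase):
    """Collect every function-like identifier that appears anywhere in the tree."""
    symbols = set()
    for text in codebase.values():
        symbols.update(IDENT_RE.findall(text))
    return symbols


def check_claims(report, codebase):
    """Return the cited paths and functions that are absent from the codebase.

    A report that names files or functions the tree does not contain is the
    clearest cheap signal of a hallucinated claim.
    """
    known_symbols = index_symbols(codebase)
    cited_paths = set(PATH_RE.findall(report))
    cited_symbols = set(IDENT_RE.findall(report))
    return {
        "missing_paths": sorted(p for p in cited_paths if p not in codebase),
        "missing_symbols": sorted(s for s in cited_symbols if s not in known_symbols),
    }


def normalize(text):
    """Lower-case and collapse whitespace so trivial rewording does not hide a copy."""
    return " ".join(text.lower().split())


def is_near_duplicate(report, prior_reports, threshold=0.8):
    """Return the index of the most similar earlier report if it clears the threshold."""
    best_index, best_ratio = None, 0.0
    for i, prior in enumerate(prior_reports):
        ratio = SequenceMatcher(None, normalize(report), normalize(prior)).ratio()
        if ratio > best_ratio:
            best_index, best_ratio = i, ratio
    return best_index if best_ratio >= threshold else None


def pretriage(report, codebase, prior_reports):
    """Combine both checks into a list of human-readable flags (empty means no hint)."""
    flags = []
    duplicate_of = is_near_duplicate(report, prior_reports)
    if duplicate_of is not None:
        flags.append(f"near-duplicate of report #{duplicate_of}")
    claims = check_claims(report, codebase)
    if claims["missing_paths"]:
        flags.append("cites paths not in tree: " + ", ".join(claims["missing_paths"]))
    if claims["missing_symbols"]:
        flags.append("cites functions not in tree: " + ", ".join(claims["missing_symbols"]))
    return flags


if __name__ == "__main__":
    for n, report in enumerate(REPORTS):
        hints = pretriage(report, CODEBASE, REPORTS[:n])
        print(f"report #{n}: {hints or 'no flags, needs manual reproduction'}")
```

Run as a script it walks the three sample reports in queue order: the first gets no flags, the second is marked as a near-duplicate of the first, and the third is flagged for citing a path and a function that the tree does not contain. The thresholds and regular expressions are deliberately simple; the point is that the expensive step, reproduction, should only be spent on reports that survive checks this cheap.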

Bug bounty and disclosure programs are tightening. Expect more programs to require proof-of-concept code, working reproduction, and verification before paying out — and to penalize submitters whose reports don't hold up.

Commercial backstops for critical libraries are becoming a serious enterprise consideration. If your business depends on a library and the maintainer is being overrun by slop, "we'll wait for the upstream patch" is increasingly not a strategy. It's a bet that someone unpaid will keep absorbing infinite verification cost on your behalf.

That last point is what HeroDevs exists for. We provide Never-Ending Support for end-of-life and high-risk open source libraries, including the verification, backporting, and ongoing security work that maintainers can't always sustain. If you want a deeper look at how the AI-CVE surge is reshaping the broader picture, our CEO recently talked through it on Techstrong TV — the full interview is here.

In short

"AI slop" is the security industry's emerging shorthand for low-quality, AI-generated vulnerability reports that look plausible but don't hold up. It's a structural problem because the cost of generating reports has collapsed while the cost of verifying them hasn't — and the people paying the verification cost are mostly unpaid volunteers. It's a leading indicator of where the open source security ecosystem is headed if enterprises don't change how they consume and support the libraries they depend on.

Author
Taylor Corbett
Marketing Content Manager