@bagder @swapgs I highly recommend clicking through the demo at hackerone.com/hai-your-hackero…
It's really, really bad, even for the low bar of AI slop. It recommends using `X-XSS-Protection` (which is not a thing anymore), claims that calling `dangerouslySetInnerHTML` breaks the principle of least privilege, and then in a report about an SQL dump being publicly available it explains said dump by describing how a CREATE TABLE works without even catching on to the fact that it's an export of the database in SQL format.
If the demo they present this with is so hilariously bad, I can only imagine what the real product is like.
https://infosec.exchange/@jagotu/113605229146870990
https://www.hackerone.com/hai-your-hackerone-ai-copilot