> I understand people are getting slammed and it sucks, but the main result of rejecting them is going to be an increase in full disclosure.
Right, what I'm saying is that letting those bugs go to full disclosure (aka being filed as public issues, like every other bug) would have been a significant damage to user safety a year ago, and it's not anymore.
I think that’s an assumption. Just because an LLM might be able to find some bugs does not mean every attacker has a packaged attack, or the right prompting. The easiest way to find a vuln is just to Google for it.