I reported a fun security bug to Google recently (not high in CVSS terms but will probably make the HN front page when it goes public), and the report was auto-closed in minutes as "not reproducible". If they tried to use an LLM to reproduce it I'm not surprised, since it requires a soldering iron.

Having seen the other side of a security inbox I totally get it, and fortunately I was able to get it re-opened via backchannels. I think the future of bug reporting will run almost exclusively on reputation and connections.