Definitely will be a fight against bad actors pulling bulk open source software projects, npm packages, etc and running this for their own 0 days.

I hope Anthropic can place alerts for their team to look for accounts with abnormal usage pre-emptively.

▲

tptacek 5 hours ago | parent | next [-]

You want frontier models to actively prevent people from using them to do vulnerability research because you're worried bad people will do vulnerability research?

	▲	czbond 5 hours ago \| parent [-]
		Not at all. I was suggesting if an account is performing source code level request scanning of "numerous" codebases - that it could be an account of interest. A sign of mis-use. This is different than someones "npm audit" suggesting issues with packages in a build and updating to new revisions. Also different than iterating deeply on source code for a project (eg: nginx web server).

▲

3 hours ago | parent | prev [-]

[deleted]