Bug bounty platforms are rejecting reports for “sounding like AI” while agents become the biggest new attack surface in a decade
Self-taught, 3 years writing software, and security research and making sure my software is secure has been the pull the whole time. We all know AI has become part of the workflow for most engineers now, and security research is no different. The grunt work gets automated. The verification doesn’t. Everything I submit gets verified by hand before it goes anywhere.
This year I submitted findings backed by real infrastructure artifacts. Reproducible, evidence attached. Three got closed as “potentially AI-generated.” Not wrong. Not unreproducible. The prose smelled like a model, so the finding didn’t count. Points deducted for my trouble.
Meanwhile I’ve been scanning MCP servers and built a tool to do so, and I ship an MCP server in my own platform, so I’ve seen this from both sides. The state of agent security is bad. Tool descriptions are an injection surface the model trusts by default.
Almost nobody pins versions, so the server you approved last month can behave differently today.
And as a server author I can tell you the client just believes whatever my server declares about itself.
So the current position is: AI-assisted vuln reports are suspicious, but wiring 20 unsigned MCP servers into an agent holding your credentials is normal.
Am I wrong, or is triage optimizing for the wrong threat? And what do people actually do to vet servers before connecting them?
And also I feel like these corporations are pretty much stealing the labor of security researchers who deserve better.