Meanwhile, several companies are no longer offering bounties. It's becoming tedious to sift through all the AI-generated submissions, many of which are false positives.
Just require people submitting a bounty to post an evaluation fee. If it's a real bug they get a refund and the bounty. If it's AI slop, you keep the evaluation fee.
The lack of self-awareness is shocking. This is a tragedy of the commons and they don’t even realize it. The whole thing was written by AI, so maybe not that surprising.
Bounties are the most overfished pond when trying to make money with AI because the task to earnings step is atomic.
AI UGC with affiliate sales and other kinds of monetized AI content creation requires niche selection, monitoring, and some upfront risk, but has much better ROI on effort.
"Pick one repo and become a contributor first", add the operative "real" after a, and this should probably be the one and only point under "What I'd do differently"
But smaller and cheaper models which produce more junk are cheaper.
The cost is with the project maintainer, not with the bounty hunter.
The number of problems this creates absolutely isn't worth it.
You've traded a higher barrier of entry for a PR nightmare when someone publicly complains that you ate their legit submission fee as a money grabber.