"It costs the slopmaker perhaps a minute to generate their submission. But it costs us hours to read, understand, and engage with them."
That line from Turso's blog post announcing the end of their $1,000 bug bounty program captures something the security community is only beginning to reckon with: AI tools have made it essentially free to generate plausible-looking but completely worthless vulnerability reports.
Turso builds the database infrastructure behind libSQL, a fork of SQLite designed for edge deployments. Their bug bounty offered $1,000 per confirmed data corruption issue - a reasonable incentive for a serious class of bug. Over nearly a year, five people collected that reward legitimately. Then the program collapsed under the weight of AI-generated junk.
What the Spam Actually Looked Like
The examples Turso published are worth reading in full, because they show exactly what a zero-effort report looks like. One submission manually injected garbage bytes into a database header, then submitted the mangled file as evidence of a corruption vulnerability. Another added an out-of-bounds array access directly to the source code before claiming to have "discovered" a bug. A third argued that arbitrary SQL execution is a security vulnerability - in a SQL database. A fourth enabled concurrent writes, observed the expected behavior, and submitted that as a flaw.
None of these required understanding the codebase, and none of them demonstrates a bug: in the first two cases the "corruption" and the "memory error" were introduced by the submitter's own edits rather than produced by the engine through its public API, which is the only thing a data corruption bounty pays for. Each could be assembled by someone with a vague prompt and a few minutes. The financial asymmetry is brutal: the submitter invests almost nothing, while a real engineer has to read the report carefully enough to confirm it's nonsense before rejecting it.
This isn't a Turso-specific problem. Bug bounty platforms like HackerOne and Bugcrowd have reported rising volumes of low-quality AI-assisted submissions for the past year. The same dynamic applies to open-source issue trackers, content moderation queues, and support inboxes: anywhere a financial or attention incentive exists, AI lowers the cost of trying so much that the economics of spam shift entirely.
The Legitimate Work That Got Buried
The five people Turso paid before the program broke are worth naming as a counterpoint. Alperen Keles, a core simulator contributor. Mikael, who was later hired. Pavan Nambi, who found more than 10 bugs in SQLite itself during the process. These are people who did real work - reading source code, constructing reproducible test cases, understanding how data corruption actually happens at the storage layer.
That kind of contribution doesn't disappear because the bounty is gone, but the incentive structure that encouraged it does. Turso was careful not to close contributions entirely - they eliminated the money, not the channel. Whether that holds the genuine researchers while shedding the spammers is the open question.
A Foreseeable Pattern
Security programs work on the assumption that the cost of finding a real bug is high enough that only people who genuinely found something will bother to submit. AI breaks that assumption. The cost of generating a submission that looks superficially credible is now near zero, which means any open financial incentive becomes a spam magnet.
The obvious countermeasure - requiring proof-of-work or more friction in the submission process - trades off against discouraging legitimate researchers who already find the process annoying. There's no clean answer, which is probably why Turso simply walked away from the model entirely.
For anyone running a public security program on an open-source project, this is a preview of what's coming. The tools that make it easy to read and contribute to code also make it easy to generate convincing garbage. Programs designed before that was true need to be redesigned.