Daniel Stenberg has a problem, one he's never had before. As the lead author of cURL – a piece of open-source software installed on more than a billion computers – he is used to receiving messages (called reports) from a community of millions of software engineers that rely on his software. His problem? Instead of a handful of useful reports per month, his team is being flooded with hundreds of inaccurate and useless reports generated with the help of AI engines like ChatGPT.

These reports cannot simply be ignored. One of them could contain vital information about a bug or vulnerability in cURL, that, if missed, would leave its billion-plus users open to hacking. The issue is that the sheer volume of reports makes it extremely time-consuming to comb through the mess and find anything valid. Stenberg likens this flood of reports to a DDoS (distributed denial of service) attack in which millions of enslaved computers visit a website in order to bring it down through sheer weight of numbers.