Yes, you can. I strongly encourage people skeptical about this, and who know at a high-level how this kind of exploitation works, to just try it. Have Claude or Codex (they have different strengths at this kind of work) set up a testing harness with Firecracker or QEMU, and then work through having it build an exploit.
replyStill have to validate it.
replyI’ve started to see bug bounty programs put flags into the product (see apples target flags https://security.apple.com/bounty/target-flags/).
replyI wonder if it’s partially to make it easier to validate from an AI perspective
[flagged]
reply