Comment Re: Need metrics on number of positives + hours ne (Score 2) 78
The person who made the report is a professional penetration tester. His usual method is to look for anything that could be wrong and then test whether it actually is. What he found is that the AI tools came up with potential issues he hadn't thought of, and they weren't all wrong, so it's a valuable tool to him because he normally runs out of ideas rather than running out of time to test them. He complained about the UI making it hard to go through large lists of reported issues exhaustively, and he only used the suggested fixes to get a better idea of what the issue was supposed to be. So it's clear that the tool's output wouldn't be directly useful to a maintainer, but it does serve a purpose.