Cryptopolitan
2026-03-11 17:42:57

OpenClaw founder criticizes GitHub vulnerability reporting as AI-generated reports flood the system

Peter Steinberger took to X to call out GitHub’s security vulnerability reporting process, calling it a “mess,” after he helped build OpenClaw into one of the fastest-growing projects and one of the most starred non-aggregator projects on the platform. He stated that access to vulnerability reports is restricted to administrators, making it hard to distribute across a team; the API is too limited for agents to read or post comments autonomously; and the system is drowning in what he called “AI-generated slop that takes me hours to sift through.”

Why does this criticism carry particular weight right now?

Steinberger is not a disgruntled open-source hobbyist. He is a repeat founder who has built major products that are used around the world, and the company he most recently joined makes his outburst worth a close look. Steinberger joined OpenAI in February, with OpenClaw said to live in a foundation as an open-source project that OpenAI will continue to support.

OpenClaw’s security page notes explicitly that, given the volume of AI-generated scanner findings received, it requires vetted reports from researchers who have genuinely understood the issues, a policy that reads almost as a footnote to his X post. Steinberger has navigated multiple coordinated vulnerability disclosure processes and watched the noise-to-signal ratio deteriorate in real time as automated scanning tools proliferated.

OpenAI, on the other hand, recently unveiled what has been described internally as an agentic security researcher, a system powered by its latest models that integrates directly with GitHub, scans commit-level changes, validates exploitability in sandboxed environments, and attaches AI-generated patches to its reports. The product is a near-perfect answer to each of the three complaints Steinberger aired publicly.

While this could be a coincidence or choreography, the timing makes Steinberger’s post difficult to ignore, especially considering that it is not unusual for tech founders to call out a product when they are about to launch an alternative or make an acquisition. When CZ of Binance publicly mused about prediction markets, it did not take long before the prediction market platform Predict.fun launched on BNB, backed by YZi Labs. Elon Musk complained about Twitter’s direction before acquiring it. He later criticized OpenAI’s governance and went on to found xAI. In short, tech founders tend not to criticize infrastructure problems they have no intention of solving.

However, it is worth noting that the vast majority of comments under Steinberger’s tweet agree that more needs to be done by GitHub to reduce the “AI slop.”

Will AI affect how software gets built and used?

Andrew Chen, a general partner at Andreessen Horowitz, published a widely circulated opinion on X, stating that AI code generation is about to dissolve the last barrier between business logic and real software. He wrote, “AI code gen means that anything that is currently modeled as a spreadsheet is better modeled in code. You get all the advantages of software – libraries, open source, AI, all the complexity and expressiveness.”

The spreadsheet, he wrote, exists only because the cost of writing proper code was historically too high. That cost has now collapsed. When a billion knowledge workers can describe what they want in plain English and receive a functioning application in return, the ceiling on what non-technical people can build rises by an order of magnitude. According to him, “the spreadsheet was the great equalizer that let non-technical people build things. AI code gen is the *next* great equalizer, but the ceiling is 100x higher. We’re about to see what happens when a billion knowledge workers can build real software.”

However, many X users in the comments do not agree with his view, with one stating, “spreadsheets will survive for the same reason that PDFs are still ubiquitous. The paper skeuomorphism persists despite 30 years of hypertext. There is something the spreadsheet ‘does’ that is distinct from manipulating or displaying data.”

More broadly, AI growth has been exponential. Insights from the ERC-8004 AI agent ecosystem show that over 81,000 agents have been deployed in the past 30 days, with over 1,670 deployed in the past 24 hours. This does not account for agents being deployed off the blockchain.

GitHub’s vulnerability reporting system was designed for a world in which humans filed bugs. It is now operating in a world in which agents file them, at machine speed and in machine volume, and according to some users, the infrastructure seems to be struggling despite having its own AI capabilities. Steinberger’s post may be nothing more than the frustration of a busy engineer. However, it arrives at precisely the moment when the gap between that old world and the new one is becoming impossible to paper over.
