Users of OpenAI's Mythos model are unclear on how to effectively use it for finding code vulnerabilities. There is a need for a 'how-to manual' or 'man page' to guide security researchers and professionals on its specific application and best practices.
OpenAI basically took its latest model (not even a Frontier one) and re-released it after effectively removing guardrails. They are likely trying to enhance researchers' ability to find code vulnerabilities. But neither OpenAI nor Anthropic is telling the cybersecurity community how to even accomplish this. We have heard from multiple folks with Mythos that they don't even know what specifically they're supposed to do with it. Point it at applications and say "find vulnerabilities" or what? It's not like it comes with a how-to manual or a man page.
This is nothing more than one vendor trying to one-up another. We need to start benchmarking how one AI model is able to find code vulnerabilities over another and how quickly they are doing it. There are real risks at stake here.
Is the solution to this problem that people should do code analysis and vulnerability discovery through models without additional security? For the majority of defenders out there that do not have the offensive training for fuzzing or vulnerability discovery, what are they supposed to do in the meantime? How are they going to validate the individuals (and people at enterprises) asking for access? While we can applaud that all these models are released to defenders first, the real issue is: is everyone fully aware of what to do with them once they get their hands on them?