• Category: Pulse
  • Status: discussion
  • Sources: discussion
  • Summary: Cross-reference to the GLM 5.2 cyber-benchmark story in Top stories. The HN thread's signal is methodological: commenters argue the comparison pits a single bare prompt against Semgrep's scaffolded pipeline, that the headline omits the exact Claude model, and that IDOR is among the easiest bug classes to detect.
  • Why it matters: The discussion is a caution against reading single-task vendor benchmarks as capability rankings.

Send feedback on this story