GSoC 2025 AI/ML related ideas

[arkid15r]

As GSoC is looking to bring more security and AI/ML projects into GSoC 2025 I'm a bit concerned with a lack of AI component in our milestones. I have a couple ideas on how to improve the situation but also would love to hear more opinions on how we could utilize AI/ML to accomplish more OWASP Nest goals.

Please share any wild ideas you have. Let's discuss!

[nitinawari]

I propose integrating an AI-driven recommendation system into our project by leveraging GitHub OAuth. Upon login, users can select predefined interests such as security, GSoC, contributor roles, APIs, languages, development areas (dev/sec/ops), and location. Using this data, AI will suggest relevant projects, chapters, and issues, enhancing user engagement. Additionally, continuous monitoring will refine recommendations and categorize users as beginners, intermediates, or experts, creating a tailored environment that aligns with their skills and interests. This approach will improve data collection, personalize user experience, and optimize resource discovery.

[yashgoyal0110]

Automated Vulnerability Detection and Classification

Problem: Vulnerabilities in the code base can be difficult to spot manually.

AI Solution: Build a machine learning model that scans through repositories (codebases) and detects potential security vulnerabilities. This model could use natural language processing (NLP) and deep learning techniques to identify patterns similar to known security flaws. we could also train it to classify the severity of vulnerabilities.

Benefit: Automated security analysis at the pull request or commit stage, making it easier to track and address vulnerabilities earlier in the development lifecycle.

[yashgoyal0110]

AI-Powered Code Review Assistant

Problem: Manual code reviews are time-consuming and prone to human error.

AI Solution: Develop a system that leverages NLP or deep learning to assist with code reviews by identifying common security pitfalls (e.g., SQL injection, XSS). This assistant can analyze the pull requests and suggest corrections based on known OWASP guidelines or even flag high-risk code automatically.

Benefit: Faster and more accurate code reviews, reducing the risk of overlooking potential security issues.

[Naveen-Pal]

we may integrate nest chat bot in web like if user input "tell projects using python and c++ languages" then the web ai chat bot show result of /projects python and c++

[Prakhar29Sharma]

As a contributor If I found any bugs or issue with the current system, I will have to create an issue. but before doing so I'll have to check whether someone else already raised that particular issue or someone is already working on that or not. doing so involves manually checking issues and their content (issue description, discussions etc).

I propose development of a chat interface which will have context of ongoing issues and discussions and will help contributor to know if the issue is already taken or not. It'll improve contributor productivity and help them in these type of scenarios.