I recently noticed an issue where tailscale was placing its iptables rules above my system firewall (`ts-input all -- anywhere anywhere` before `nixos-fw`). The tailscale input chain looked like this:

  Chain ts-input (1 references)
  target     prot opt source               destination
  ACCEPT     all  --  pan                  anywhere
  RETURN     all  --  100.115.92.0/23      anywhere
  DROP       all  --  100.64.0.0/10        anywhere
  ACCEPT     all  --  anywhere             anywhere

That seemed bad, but I'm not super familiar with iptables, so I ask Claude 4.5 Sonnet through Kagi. It gives me:

  No, nixos-fw IS run on most packets. Let me explain the iptables chain flow:
  How the Chain Processing Works

  In iptables, when a user-defined chain (like ts-input) is called:

  - ACCEPT: Accepts the packet within that chain and returns to the calling chain (INPUT), where processing continues with the next rule
  - RETURN: Simply returns to the calling chain and continues processing
  - DROP: Drops the packet entirely (no further processing anywhere)

Which is very very wrong. I highlighted the similarity between ACCEPT and RETURN in its explanation, not even with that much conviction or forcefulness, and it turned on a dime.

  You're absolutely right to question that - I made an error! Let me correct it:
  ...
  Most packets DON'T reach nixos-fw because:
  ...

I also had another incident where it looked over a backup script, and gave it an ok, but failed to alert me that `gpg -as --encrypt-to <ID>` requires `-e` to actually do the encryption. By that point I was wiser, and had o3-pro look over the script, which caught it right away.

I'm not sure why AI is so completely trash at security. In fairness, the average software dev is also worse at security compared to writing code, and the answer to many stackoverflow questions is "add --insecure --no-check --bypass-tsl", but I'm still a little shocked at how bad AI is.