This article discusses a method for identifying software vulnerabilities by integrating large language models (LLMs) with static analysis tools like CodeQL. The authors highlight their tool, Vulnhalla, which filters out false positives and focuses on genuine security issues, illustrating the challenges of using LLMs in vulnerability research.