Frontier AI has broken open CTFs, says former top-10 competitor

A veteran CTF player who competed with top-10 international team TheHackersCrew argues the open CTF format is no longer a meaningful measure of human security skill. The shift started when GPT-4 made medium-difficulty challenges one-shottable, but accelerated sharply with Claude Opus 4.5, which let teams wire Claude Code to the CTFd API and auto-solve large swaths of the scoreboard before humans even started. GPT-5.5 Pro now reportedly one-shots Insane-tier heap pwn on HackTheBox, turning 48-hour events into a question of how many agent tokens a team can afford to burn.

The author rejects the common rebuttals. Pointing to AI-resistant DEF CON finals misses that qualifiers feeding them are themselves falling to agents. The ‘beginners are fine’ defense ignores that the scoreboard was the ladder — when the rungs above are automated, newcomers are pushed to prompt rather than build instincts. Chess-engine analogies fail because engines are banned during competitive play, not handed to every competitor mid-match.

The practical consequences: CTFTime rankings no longer track skill cleanly, recruiting signal is degraded, and challenge authors lose incentive to craft elaborate puzzles that an agent will eat in minutes. The recommendation is to send beginners to learning-focused platforms like picoGym and HackTheBox, and to stop pretending the open scoreboard still reflects human growth.