Tech Industry, Sep 23, 2022

Stupid HackerOne reports getting paid

No longer at Yelp so please ignore company. At my new job, I drew the short straw and am triaging HackerOne tickets. Most of these seem to be basic XSS vulnerabilities on inconsequential subdomains. But for some reason the company is paying like $400 for these low-effort reports. There's more "Hope you are having a blessed and prosperous day" language than there is proof of concept. I could probably crank off one or two a day (obviously not for my current company). Anyone else doing this?
