There is a number that has been circling developer circles for the past few months and nobody seems to know what to do with it. A broad analysis of 470 GitHub pull requests found that AI-generated code was 1.7 times more likely to have major issues like logic errors, and 2.74 times more prone to security vulnerabilities compared to human-written code. (daily.dev) Hardcoded API keys. Plain-text passwords. APIs that do not even exist, hallucinated from outdated training data.
And yet, developer adoption is near-universal. Big Tech is generating anywhere from 25 to 90 percent of new code with AI, depending on the organisation. (Hostinger)
So we have a situation where the tools are objectively producing riskier code, and we are using them more than ever. That is not a contradiction. That is a rationalization.
The most counterintuitive finding of 2026 is this: researchers ran a randomized controlled trial with experienced open-source developers on real codebases doing real tasks, and they were measurably slower when using AI tools. They did not know it. Even after the experiment, they believed AI had helped them. (Hashnode) Broader survey data shows 95 percent of developers report feeling productive while measurably producing lower-quality code. (Hashnode)
That gap between feeling productive and being productive is where a lot of careers are quietly getting damaged right now.
I am not writing this to tell you to stop using these tools. I use them too. The point is that we have collectively agreed to stop asking hard questions about what we are actually shipping. A prototype that works in a demo is not the same thing as a product someone depends on. The "three-month black box" problem is real: projects become unmanageable because nobody on the team actually understands the AI-generated codebase they are now responsible for maintaining. (daily.dev)
Andrej Karpathy coined the term "vibe coding" in early 2025. The idea was straightforward: describe what you want in plain English, let AI write the code, and do not obsess over every line. (Alex Cloudstar) That framing made sense for personal projects and quick experiments. What happened next is that companies started treating it as a production methodology.
By 2026, 41 percent of all code globally is AI-generated. (daily.dev) Some of that is fine. A lot of it is sitting in production systems that someone will have to debug at 2am six months from now, written by an AI that had no stake in whether the thing holds up.
The security angle is the part that should concern anyone working in this industry. Security firm Tenzai tested five popular AI coding tools and found that 45 percent of AI-generated code samples contain OWASP Top-10 vulnerabilities. (Hashnode) These are not obscure edge cases. These are the most well-documented, widely-known vulnerability categories in web development. The kind of mistakes a junior developer would get flagged for in a code review.
What is the fix? Honestly, it is boring. The difference between a vibe-coded prototype and a vibe-coded product is the automated verification layer that runs on every change. Set up tests, type checking, and linting from day one. These quality gates catch AI-generated mistakes before they compound into larger problems. (DEV Community) That is not revolutionary advice. It is just the fundamentals that people started skipping because the AI made everything feel so fast.
One engineer described it well: the best approach is a pendulum method, going back and forth between AI-assisted and hand-written code. Not because AI is bad, but because staying sharp matters. You do not want to go too long without writing something by hand and lose your mental model of what good code actually looks like. (Explainx)
That feels right to me. The developers who will be fine are the ones treating AI as a collaborator they have to supervise, not a replacement for thinking. The ones who will struggle are the ones who have outsourced their judgment along with their keystrokes.
We built careers on understanding systems. That understanding is still the job. The keyboard just got faster
For further actions, you may consider blocking this person and/or reporting abuse
Top comments (0)