You won't find me badmouthing coding assistants, but they are not like other productivity tools. They generate and modify source code, touch production systems, and can leak sensitive data or pull unverified dependencies.
But even though there's near-universal AI adoption among devs, most orgs still don’t have clear AI usage policies in place.
It’s a new attack surface hiding inside our workflows, so naturally there need to be different policies, governance, controls... whatever teams want to call it.
We created the AI Coding Risk Assessment for orgs to start taking a step in the right direction: https://ai-risk.codacy.com/
If you worry your team's pipeline is filling up with risky AI code, this is for you. It's free and anonymous, of course.