Review AI code for the mistakes models actually make
AI coding assistants are fast and confidently wrong about security. They paste secrets inline, build SQL with string concatenation, skip input validation, and import packages that do not exist on the real registry. This checklist concentrates on those AI-specific failure modes so you can review a suggestion before merging it. It is fully client-side — you check items against your own code; nothing is uploaded.
How it works
You choose the language or framework and the type of code you are reviewing. The tool surfaces a security checklist weighted toward the issues that appear disproportionately in model output — hardcoded secrets, injection (SQL, command, template), insecure deserialization, missing authn/authz checks, weak crypto/randomness, and dependency confusion. Each item explains what to look for. As you tick items, a progress indicator shows how complete the review is. The rule is simple: do not merge until every relevant item is resolved.
Why AI code fails security reviews at higher rates
Human developers make security mistakes too, but AI-generated code has three structural reasons to fail security reviews at a higher rate than careful human-written code:
Training data bias toward working, not secure. The code AI learns from includes millions of examples from tutorials, StackOverflow answers, and open-source repositories. This code is heavily weighted toward “runs without errors” rather than “secure in production.” Tutorials routinely hardcode credentials, skip input validation, and use deprecated cryptographic functions because those things don’t affect whether the tutorial compiles and demonstrates the concept.
Optimising for plausibility. AI models predict the most likely next token. Security-relevant patterns — parameterised queries, constant-time comparison, proper entropy sources — are less common in the training corpus than their insecure equivalents. The model confidently reproduces the majority pattern, which is often the insecure one.
Hallucinated dependencies. Models frequently generate import statements for packages that sound plausible but don’t exist on the actual package registry. Attackers have learned to preemptively squat on likely AI-hallucinated package names, creating a supply chain attack vector unique to AI-assisted development.
The highest-priority checks
Not all checklist items carry equal weight. These are the ones that most commonly produce severe vulnerabilities in AI-generated code:
Hardcoded secrets. AI models have a strong tendency to inline API keys, database credentials, and tokens in code “for illustration,” often forgetting to add a comment that they should be replaced. Check every string literal that looks like a key, token, or password.
SQL injection via string building. AI assistants frequently generate SQL by concatenating user input into a query string. Even simple queries like "SELECT * FROM users WHERE id = " + userId are vulnerable. Every database query in AI code should use parameterised statements or a query builder.
Dependency confusion. Before running npm install, pip install, or the equivalent, search for every package name the AI suggested on the actual registry. If a package isn’t there, or belongs to a suspicious publisher, do not install it.
Missing authentication/authorisation. AI generates code for the happy path. Check that every endpoint or function that touches sensitive data actually verifies who is calling it and whether they have permission.
Tips and notes
- Verify every dependency. Confirm each imported package exists on the real registry and is the one you intend — AI hallucinates names.
- Hunt for secrets first. Models love to inline keys “for the example.”
- Trust nothing from input. Check that user input is validated and queries are parameterised.
- Layer with tooling. Pair this with SAST and dependency scanning; the checklist guides the human, the scanners catch the rest.
- Never merge under time pressure. The most common way security reviews get skipped is “we need to ship today.” Build the checklist into your review process so it is the norm, not the exception.