Six months into 2026, the velocity story has a footnote, and the footnote is getting expensive. The spring data is in, and it points the same direction from every source: the code our AI assistants are shipping is faster to write and far harder to trust.
Start with the number that should be on a slide in every engineering all-hands and isn't: Veracode tested more than 100 large language models and found that 45% of AI-generated code samples introduce an OWASP Top 10 vulnerability. Not edge cases — the most common, most exploited weakness classes in web software. Nearly half.
It compounds. GitGuardian's 2026 report logged 28.65 million new hardcoded secrets in public GitHub in 2025 — up 34% year over year, the largest single-year jump on record — and found AI-assisted commits leaking secrets at roughly twice the baseline rate (3.2% vs 1.5%). Georgia Tech's “Vibe Security Radar” attributed 35 CVEs in a single month (March 2026) directly to AI coding tools.
And the teams shipping it know something is off. Roughly 84% of developers now use vibe coding, but only about 29% trust it; around 63% say they spend more time debugging AI code than writing it manually would have taken; and about 75% of tech leaders expect moderate-to-severe technical debt by 2026. (Individual percentages vary by survey — treat them as estimates — but the direction is strongly corroborated across all of them.)
Here's the frame that makes sense of all of it: velocity you can't secure is a loan, not a gain. The 10× output is real. So is the interest — paid in incidents, debugging, and rework. This post is the data nobody's putting on a slide, and the checklist that turns the loan back into a gain.
What is vibe coding? Coined by Andrej Karpathy, “vibe coding” is accepting AI-generated code without detailed review — prompt, run it, ship it if it seems to work. It's fast. It also removes the review and security steps traditional development depended on, which is exactly where the security and tech-debt bill comes from.
Key takeaways
- ~45% of AI-generated code introduces an OWASP Top 10 vulnerability (Veracode, 100+ LLMs tested).
- AI-assisted commits leak secrets at ~2× the baseline (3.2% vs 1.5%); GitGuardian logged 28.65M new secrets in 2025 (+34% YoY).
- Adoption far outruns trust: ~84% use AI coding tools, ~29% trust them, and ~63% spend more time debugging AI code than hand-writing it would have taken.
- Fix the process, not the model: blocking secret scanning, SAST/SCA on every AI PR, and mandatory human review for auth, payments and data. Treat AI output as untrusted input.
1. The 45% problem: what “it works” hides
The trap in vibe coding is that the failure mode is invisible at ship time. AI-generated code that compiles, passes the happy-path test, and demos cleanly can still carry an injection flaw, a broken access-control check, or a missing authorization step. “It works” and “it's safe” are different claims, and the model only optimises for the first one.
Why so high? An LLM reproduces the average of its training data, and the average of public code is not secure. It has no model of your threat surface, your auth boundaries, or your data-classification rules unless you give it one — and even then it'll confidently pattern-match to an insecure example it saw ten thousand times. The model isn't malicious. It's just optimising for plausible, not for safe.
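An added illustration, not code from the original post, of why "it works" and "it's safe" are different claims: two user lookups that both pass the same happy-path test, but only one of which survives a hostile input. The in-memory table, both functions and the test helpers are constructed for this demo.

```python
"""Two lookups that behave identically on the happy path; only one is safe.
Constructed example: schema, rows and helper names are assumptions for the demo."""
import sqlite3

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "alice", "admin"), (2, "bob", "user"), (3, "carol", "user")])
    return conn

def find_user_vibe(conn, name):
    # The "it compiles, the demo passes" version: the value is interpolated into SQL.
    cur = conn.execute(f"SELECT id, name FROM users WHERE name = '{name}'")
    return cur.fetchall()

def find_user_safe(conn, name):
    # Same happy-path result; the value travels as a bound parameter, never as SQL text.
    cur = conn.execute("SELECT id, name FROM users WHERE name = ?", (name,))
    return cur.fetchall()

# The kind of quote-terminating input a reviewer or fuzzer tries; it is not a real user name.
HOSTILE_NAME = "x' OR '1'='1"

def happy_path_passes(fn):
    # The test an AI assistant (or a rushed human) writes: one known user, one expected row.
    return fn(make_db(), "alice") == [(1, "alice")]

def hostile_input_contained(fn):
    # The human-owned test: a name that does not exist must return nothing, not every row.
    return fn(make_db(), HOSTILE_NAME) == []
```

Both functions pass `happy_path_passes`; only `find_user_safe` passes `hostile_input_contained`, which is the check the happy-path suite never runs.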
2. The secret-leak doubling
Hardcoded secrets are the most preventable breach vector in software, and AI assistants are making them worse. The mechanism is mundane: agents scaffold .env files, config blocks, and test fixtures with real-looking — and sometimes real — credentials, and the speed of acceptance means fewer eyes catch them before commit.
A leaked secret is rarely the end of the story — it's the first link in a chain. We wrote about the architectural version of this in our April 2026 recap: a single token captured from a dev tool chained through CI, secrets, and the deploy pipeline. AI-assisted code leaking secrets at 2× isn't a tidiness problem; it's feeding the most active supply-chain attack pattern of the year.
3. The debugging tax and the tech-debt bill
The productivity claim and the reality have quietly diverged. 84% use AI coding tools; 29% trust them. That gap is the whole story. When 63% of developers report spending more time debugging AI output than writing the code by hand would have taken, the headline “10× faster” is measuring keystrokes, not shipped, maintainable, secure software.
| The claim | What the 2026 data shows |
|---|---|
| “10× faster” | ~63% of developers spend more time debugging AI code than hand-writing it would have taken |
| “Output you can trust” | ~84% use AI coding tools, but only ~29% trust the output |
| “Production-ready code” | ~45% ships an OWASP Top 10 vulnerability (Veracode) |
| “Clean commits” | AI-assisted commits leak secrets at ~2× the baseline (3.2% vs 1.5%, GitGuardian) |
This is the loan. You borrow speed at authoring time and repay it — with interest — in debugging, security remediation, and the technical debt that 75% of leaders are already projecting. The interest rate is whatever your incident and rework cost is, and it compounds quietly until something pages you at 3 a.m.
None of this is an argument against AI assistance. It's an argument against ungoverned AI assistance. The teams getting the real gain are the ones who kept the review gates and pointed them at the new firehose of code.
4. This is a process failure, not an AI failure
It's tempting to read the 45% number as “the AI is bad.” It isn't. The AI is doing exactly what it was built to do: produce plausible code, fast. What broke is the process around it. For twenty years, software security depended on friction — code review, a human who'd written auth before, a security champion who'd push back on a sketchy query. Vibe coding's entire value proposition is removing that friction. Remove the friction and you remove the controls that were riding on it.
So the fix isn't “stop using AI.” It's to re-add the controls as automated gates that scale with the new code volume — gates that don't care whether a human or a model wrote the line, only whether it's safe. Treat AI output the way you already treat any external contribution: untrusted input, guilty until proven safe.
5. A security checklist for AI-assisted code
This is the checklist we put in place when a team is shipping AI-generated code at volume. None of it slows good engineers down; all of it catches the 45%.
- Secret scanning in pre-commit AND CI. Tools like gitleaks or trufflehog, set to block on detection, not just warn. This single gate erases most of the 2× secret-leak gap.
- SAST on every AI-generated pull request. Static analysis tuned for the OWASP Top 10, run automatically. Treat AI PRs as untrusted input that must pass before merge.
- Software composition analysis (SCA). AI loves to import packages — sometimes hallucinated, sometimes typosquatted. Scan and pin dependencies; verify they exist and are the ones you meant.
- The hard line: mandatory human review for auth, payments, and data access. Decide, in writing, which code paths a model is never allowed to ship unreviewed. Authentication, authorization, money movement, and PII handling are non-negotiable human-review zones.
- An OWASP Top 10 review gate. A short, explicit checklist on the PR template: injection, broken access control, auth, SSRF, insecure deserialization. Make the reviewer tick it.
- Least-privilege by default. Reject scaffolding that grants broad scopes, wildcard IAM, or admin tokens “to make it work.”
- Human-owned tests. Don't let the same model write the code and the tests that bless it. Tests are where human intent gets encoded.
- Provenance labels. Mark AI-generated code and track which tool/model produced it, so when a class of bug surfaces you can find every sibling.
- Policy-as-code guardrails for infra. The same OPA/Sentinel gates that govern cost (see our FinOps for AI piece) catch insecure AI-generated infrastructure too.
- Measure the debugging tax. Track rework and remediation time on AI-assisted changes. Manage realized velocity, not apparent velocity — the keystroke count is the lie.
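An added example, not the post's or any vendor's code, of what three of these gates look like when they are enforced in code rather than in a PR template: blocking on secret-shaped additions (the mechanism section 2 describes, where scaffolded .env files carry real-looking credentials), routing changes under auth, payments and data paths to mandatory human review, and requiring a provenance trailer. The sample diff, the path layout, the regexes and the `AI-Tool:` trailer name are constructed assumptions; real pipelines should use gitleaks or trufflehog, which add entropy checks and live-credential validators this toy omits.

```python
"""Minimal pre-merge gate over a unified diff. Constructed example; the patterns,
path layout and 'AI-Tool:' trailer are assumptions, not a real tool's rules."""
import re

# Deliberately simple secret shapes: an AWS access-key-id pattern and a generic KEY=value assignment.
SECRET_PATTERNS = [
    re.compile(r"AKIA[0-9A-Z]{16}"),
    re.compile(r"(?i)(key|secret|token|password|passwd)\s*[:=]\s*['\"]?[A-Za-z0-9_\-/+=]{12,}"),
]
# Hard-line zones: code a model is never allowed to ship unreviewed (assumed repo layout).
REVIEW_ZONES = {"auth": re.compile(r"(^|/)(auth|login|session)"),
                "payments": re.compile(r"(^|/)(payments?|billing)"),
                "data": re.compile(r"(^|/)(pii|customer_data|export)")}

def added_lines(diff_text):
    """Yield (path, text) for every line the diff adds, skipping the +++ file headers."""
    path = None
    for line in diff_text.splitlines():
        if line.startswith("+++ "):
            path = line[4:].removeprefix("b/")
        elif line.startswith("+") and path is not None:
            yield path, line[1:]

def secret_findings(diff_text):
    return [(p, t.strip()) for p, t in added_lines(diff_text)
            if any(rx.search(t) for rx in SECRET_PATTERNS)]

def review_zones(diff_text):
    paths = {p for p, _ in added_lines(diff_text)}
    return sorted(z for z, rx in REVIEW_ZONES.items() if any(rx.search(p) for p in paths))

def evaluate(diff_text, commit_message):
    """Block on secrets; list the zones needing a named human approver; record which tool
    produced the change so every sibling can be found when a bug class surfaces."""
    secrets = secret_findings(diff_text)
    ai_tool = re.search(r"^AI-Tool:\s*(.+)$", commit_message, re.M)
    return {"blocked": bool(secrets),
            "secret_findings": secrets,
            "required_human_review": review_zones(diff_text),
            "provenance": ai_tool.group(1).strip() if ai_tool else None}

# Constructed sample PR: an assistant-scaffolded .env plus a change under payments/.
SAMPLE_DIFF = """\
--- a/.env.example
+++ b/.env.example
+STRIPE_SECRET_KEY=sk_test_EXAMPLEEXAMPLEEXAMPLE1234
--- a/payments/refund.py
+++ b/payments/refund.py
+def refund(order_id, amount):
+    return client.refunds.create(order=order_id, amount=amount)
"""
SAMPLE_MSG = "Add refund endpoint\n\nAI-Tool: example-assistant/model-x\n"
```

Running `evaluate(SAMPLE_DIFF, SAMPLE_MSG)` blocks the merge on the .env line, flags `payments` for human review, and records the tool from the trailer; a docs-only change with no trailer passes with nothing flagged and `provenance` set to `None`, which a stricter gate could also treat as a block.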
Frequently asked questions
What is vibe coding?
A term from Andrej Karpathy for accepting AI-generated code without detailed review — prompt, run, ship if it seems to work. Fast, but it removes the review and security steps traditional development relied on.
Is AI-generated code secure?
Not by default. Veracode's 2026 testing found ~45% of AI-generated samples introduce an OWASP Top 10 vulnerability, and AI-assisted commits leak secrets at ~2× the baseline. Treat AI code as untrusted input behind the same gates as any external contribution.
How do you secure AI-assisted development?
Re-add the controls vibe coding skips: blocking secret scanning, SAST and SCA on every AI PR, mandatory human review for auth/payments/data, an OWASP gate, least-privilege defaults, human-owned tests, and provenance labels.
Does AI coding increase technical debt?
The 2026 data points that way: ~84% use AI tools, ~29% trust them, ~63% spend more time debugging AI code, and ~75% of leaders expect moderate-to-severe tech debt. Velocity you can't secure or maintain is a loan, not a gain.
The takeaway
“We're 10× faster with AI.” Maybe. The honest follow-up question is: who's reviewing the 45%? Because that's the line that decides whether your AI program shows up as throughput or as a series of postmortems.
The velocity is real and worth having. But velocity without the security gates is a security-debt bubble — and bubbles are just deferred bills. The teams that come out ahead in the back half of 2026 won't be the ones who adopted AI fastest. They'll be the ones who kept treating AI output as untrusted input, automated the gates that vibe coding removed, and measured realized velocity instead of keystrokes.
Ship the speed. Keep the gates. The 45% is only free until it isn't.
Shipping AI-generated code at volume and not sure what's getting through? InfraZen runs a Secure Delivery Review for AI-assisted teams: we wire blocking secret scanning, SAST and SCA into your pipeline, define the human-review hard lines for auth, payments and data, and hand you the OWASP gate as a PR template your team will actually use. You'll have a prioritised remediation backlog by Friday. Talk to us before the 45% becomes your next incident.