Traditional Code Review Misses AI-Generated Vulnerabilities—We Built an AI-Specific Security Checklist

General
1

Traditional Code Review Misses AI-Generated Vulnerabilities—We Built an AI-Specific Security Checklist

Over the past quarter, we discovered something alarming: Our standard code review process was catching human errors but completely missing AI-specific vulnerabilities.

This came to light after a security audit revealed 12 subtle bugs in AI-generated code that had passed code review and made it to production. Fortunately, none were exploited, but it was a wake-up call.

Why Traditional Code Review Fails for AI Code

Traditional code review looks for things humans typically get wrong:

  • Null pointer exceptions
  • Off-by-one errors
  • Race conditions
  • Missing error handling

But AI makes different mistakes:

  • Hallucinated APIs (imports libraries or functions that don’t exist)
  • Deprecated security patterns (uses vulnerable code patterns from old training data)
  • Subtle logic errors (code that looks correct but has edge case bugs)
  • Missing edge case handling (AI assumes happy path)

The Vulnerability That Changed Our Approach

Here’s the example that made us rethink everything:

// AI-generated authentication middleware
const authenticateUser = async (req, res, next) => {
  const token = req.headers.authorization?.split(' ')[1];
  const user = await verifyToken(token);
  
  if (user) {
    req.user = user;
    next();
  } else {
    res.status(401).json({ error: 'Unauthorized' });
  }
};

This passed code review. It looks correct. But it has a race condition vulnerability.

If two requests come in simultaneously for the same user, verifyToken() might return stale data. In production, this caused an authorization bypass where User A got User B’s permissions for ~200ms.

A human would rarely write this bug. But AI generated it because it pattern-matched on authentication examples without understanding the concurrency implications.

Our AI-Specific Security Checklist

After analyzing vulnerabilities in our AI-generated code, we created this checklist. It’s now required for all PRs tagged as “AI-assisted.”

:white_check_mark: Verification Checks

1. Hallucination Check: Verify all imports actually exist

  • Run npm install or equivalent to confirm dependencies
  • Check that all called functions are defined
  • Look for typos in library names (AI sometimes generates close-but-wrong names)

2. Security Pattern Check: Verify no deprecated practices

  • No eval() or Function() constructors
  • No string concatenation in SQL queries
  • No weak cryptographic algorithms (MD5, SHA1)
  • No bare try-catch blocks that swallow errors

3. Authentication/Authorization Verification

  • Extra scrutiny on auth code (AI frequently gets this wrong)
  • Verify race conditions can’t bypass security checks
  • Confirm authorization happens AFTER authentication
  • Check for session fixation vulnerabilities

4. Input Validation Check

  • AI often assumes valid input (dangerous!)
  • Verify all user input is validated
  • Check for SQL injection, XSS, command injection vectors
  • Confirm type checking for all parameters

5. Edge Case Analysis

  • What happens with empty arrays?
  • What happens with null/undefined values?
  • What happens with negative numbers?
  • AI typically doesn’t handle these without explicit prompting

:test_tube: Testing Requirements

For AI-generated security-critical code:

  • Unit tests for happy path (standard)
  • Unit tests for sad path (AI often misses these)
  • Unit tests for edge cases (null, undefined, empty, negative)
  • Integration tests for race conditions (if concurrent access possible)

:bar_chart: Cultural Shift: Tag PRs as “AI-Assisted”

We require developers to tag PRs that contain significant AI-generated code:

## AI Assistance Disclosure
- [ ] Contains AI-generated code (requires enhanced review)
- [ ] All AI-specific checklist items verified
- [ ] Additional tests written for AI code sections

This isn’t punitive—it’s protective. We found that reviewers apply different mental models when they know code is AI-generated.

Results After 3 Months

Before AI-specific checklist:

  • AI code review time: 15 minutes average
  • Vulnerabilities caught in review: 62%
  • Vulnerabilities escaped to production: 38%

After AI-specific checklist:

  • AI code review time: 22 minutes average (47% longer)
  • Vulnerabilities caught in review: 94%
  • Vulnerabilities escaped to production: 6%

Yes, review takes longer. But we’re catching issues before they reach production.

The Question This Raises

Should AI-generated code have a HIGHER review bar than human code, not lower?

Many teams adopted AI to ship faster. But if AI code needs more careful review, are we actually faster? Or are we just shifting effort from writing to reviewing?

I’m genuinely curious: How are other teams handling code review for AI-generated code?

Do you:

  • Treat it the same as human code?
  • Apply different review standards?
  • Require additional testing?
  • Have specific reviewers who specialize in AI code patterns?

Would love to learn from others on this.

— Keisha

2

Keisha, this is exactly what we’re seeing. AI code needs a DIFFERENT security lens, not just more of the same review.

The Pattern: AI Repeats Historical Vulnerabilities

Your auth middleware example is spot-on. We found AI consistently making the same category of mistakes across different codebases.

From the DryRun Security research: WebSocket authentication was missing from every AI-generated codebase they tested.

Why? Because AI is trained on tutorial code and Stack Overflow answers that skip authentication for simplicity. The model learned the pattern without understanding the security context.

Other patterns we’ve seen AI repeat:

  • Insecure random number generation (Math.random() instead of crypto.randomBytes())
  • Vulnerable regex patterns (ReDoS vulnerabilities)
  • Trusting client-side data without server validation
  • Missing HTTPS enforcement

Our Additional Checklist Item: Verify AI Didn’t Copy Vulnerable Patterns

We added a step: Search for the exact code pattern online. If it appears in old Stack Overflow answers (pre-2020), assume it’s insecure until proven otherwise.

The Tests Requirement

I love your requirement for tests on AI-generated security-critical code. We go further: AI must generate tests alongside code.

If the AI can’t write comprehensive tests for the code it just generated, that’s a red flag that the code might be more complex than it appears.

— Michelle

3

Keisha, let me share the practical implementation challenge we hit: How do you enforce “AI-assisted” tagging?

The Enforcement Problem

We started with honor system: “Please tag PRs that contain AI-generated code.”

Compliance rate: ~40%. Developers forgot, or didn’t think their 5 lines of AI code counted, or didn’t want the extra review scrutiny.

Our Solution: Automated Detection

We built git hooks that analyze code for AI-generated patterns:

  • Specific comment styles (AI assistants have signatures)
  • Unusually perfect formatting
  • Rapid commit velocity (100+ lines in <5 minutes)
  • Function names that follow AI naming patterns

If detected, automatically adds ai-generated label to PR.

Accuracy: ~85% (some false positives on copy-pasted code, some false negatives on heavily edited AI code)

The Mixed Human/AI Code Problem

Biggest challenge: Developers mixing AI and human code in same PR. How do you review that?

Our requirement: AI-generated changes must be in dedicated commits.

git commit -m "feat: Add payment validation [AI-assisted]"
git commit -m "fix: Handle edge case for negative amounts [human]"

This makes review easier—you know which sections need AI-specific scrutiny.

Time-to-Review Metric

Your 47% longer review time matches our data. We track time-to-review and found:

  • Human code: 18 minutes average
  • AI code: 27 minutes average
  • Mixed code: 35 minutes average (worst of both!)

The question: If AI code needs 50% more review time, does it actually save developer time overall?

— Luis

4

Keisha, I love this checklist but I’m worried about the developer experience implications.

The Resentment Risk

In our org, we initially had developers stop using AI tools because “it makes PRs take longer to review.”

They’d rather write code manually (15 min write, 15 min review = 30 min total) than use AI (5 min write, 25 min review = 30 min total).

Same total time, but the AI path feels worse because you’re waiting on others.

The Framing That Worked

We shifted the narrative from “AI code needs more review” to “AI code needs different review.”

:cross_mark: Bad framing: “AI-generated code is riskier and needs extra scrutiny”
:white_check_mark: Good framing: “AI makes different mistakes than humans, so we look for different things”

Same checklist, different psychology.

Celebrating Catches

We started recognizing in sprint retros when AI-specific review caught bugs:

“Great catch by Sarah on the WebSocket auth gap—that’s exactly the kind of AI pattern we need to watch for!”

Positive reinforcement for thorough review, rather than making it feel like punishment for using AI.

The Education Component

We run monthly “AI Security Patterns” workshops where we show:

  • Real AI-generated vulnerabilities from our codebase (anonymized)
  • How they would have been exploited
  • How the checklist would have caught them
  • How to write better AI prompts to avoid the issue

Developers went from seeing the checklist as bureaucracy to seeing it as protection.

— Maya

5

Keisha, I want to add the customer and regulatory perspective here.

The Disclosure Question

Some of our enterprise customers are asking in security reviews: “Do you track which code is AI-generated?”

They want to know:

  1. What percentage of codebase is AI-generated
  2. What additional security controls you have
  3. Can you provide audit trail of AI-generated changes

This is becoming a compliance checkbox.

The Liability Angle

If a breach happens from AI-generated code, and you:

  • Didn’t tag it as AI-generated
  • Didn’t apply appropriate review
  • Didn’t have specific security controls

That could be considered negligence in litigation.

Your “AI Assistance Disclosure” checkbox might become a legal CYA, not just a development practice.

The Two-Tier Quality Perception

My concern: Explicitly calling out “AI-generated code has different review standards” creates perception that AI code is lower quality.

Customers might ask: “Why are you using AI if it creates code that needs more careful review?”

How do you respond to that? The honest answer is “AI makes different mistakes” but customers hear “AI makes more mistakes.”

Alternative framing: “All code gets comprehensive review. We have specialized checklists for different code types: database queries, auth logic, AI-assisted code, etc.”

This normalizes the AI checklist as one of many specialized review processes.

— David