AI coding tools are everywhere in 2026. Claude, Copilot, Cursor โ they're writing production code at an insane pace. And if you're vibe coding your way through a project (we see you), you're shipping faster than ever.
But here's the thing nobody wants to talk about: AI-generated code has real security problems.
Not hypothetical. Not theoretical. We're talking about vulnerabilities that are showing up in production codebases right now. Injection flaws, leaked secrets, broken auth patterns โ the kind of stuff that turns a weekend project into a breach headline.
We built [VibeSniffer](https://vibesniffer.com) specifically because we kept seeing the same security anti-patterns in AI-generated code. After scanning thousands of AI-assisted repos, here are the 7 biggest risks โ and exactly how to fix each one.
1. SQL Injection via String Concatenation
The Risk: AI models love to concatenate user input directly into SQL queries. It looks clean, it works in demos, and it's a textbook injection vulnerability.
You'll see code like this coming out of AI assistants:
```python query = f"SELECT * FROM users WHERE username = '{username}'" cursor.execute(query) ```
Looks fine. Works fine. Until someone passes `' OR '1'='1` as a username and dumps your entire database.
Why AI Does This: Training data is full of tutorials and Stack Overflow answers that use string formatting for simplicity. The model optimizes for "code that looks right" โ not "code that's secure."
The Fix: - Always use parameterized queries or an ORM - Set up a linter rule that flags string concatenation in SQL contexts - Use a static analysis tool like [VibeSniffer](https://vibesniffer.com) to catch injection patterns before they hit production
```python cursor.execute("SELECT * FROM users WHERE username = %s", (username,)) ```
2. Hardcoded Secrets and API Keys
The Risk: Ask an AI to integrate with Stripe, OpenAI, or any third-party API, and there's a solid chance it'll drop the API key right into the source code. Sometimes it generates placeholder keys that look fake but match real key formats. Sometimes it pulls patterns from training data that are uncomfortably close to actual credentials.
Why AI Does This: The model is completing a pattern. Most code examples it trained on show the key inline for brevity. It doesn't understand that `sk_live_...` is a thing you never commit.
The Fix: - Use environment variables. Every time. No exceptions. - Add a `.gitignore` that covers `.env`, credentials files, and key stores - Run a secrets scanner (like `gitleaks` or `trufflehog`) in your CI pipeline - Review every AI-generated integration for hardcoded strings before committing
3. Overly Permissive CORS and Auth Configurations
The Risk: AI-generated backend code frequently ships with wide-open CORS policies (`Access-Control-Allow-Origin: *`) and auth middleware that's either missing or commented out "for testing."
We've seen AI produce Express.js servers with no auth middleware, Flask apps with `CORS(app)` and zero origin restrictions, and Next.js API routes that skip session validation entirely.
Why AI Does This: Most tutorial code disables security features to reduce complexity. The AI is essentially generating "getting started" code โ which is great for prototyping, terrible for production.
The Fix: - Explicitly configure CORS to allow only your domains - Never trust AI-generated auth boilerplate without reading every line - Use established auth libraries (NextAuth, Passport, Auth0) rather than letting AI roll custom auth - Test your auth boundaries manually โ try accessing protected routes without tokens
4. Missing Input Validation and Sanitization
The Risk: AI-generated code almost never validates input thoroughly. It trusts that the frontend sends clean data. It assumes file uploads are the right type. It takes user-provided URLs and fetches them without checking.
This opens the door to XSS, SSRF, path traversal, and a dozen other attack vectors.
Why AI Does This: Input validation is boring. It's repetitive. And it's context-specific โ the model doesn't know your threat model, so it skips the validation it can't generalize.
The Fix: - Validate on the server. Always. Even if you validate on the client too. - Use schema validation libraries (Zod, Joi, Pydantic) for all incoming data - Sanitize HTML output to prevent XSS โ use libraries like DOMPurify - For file uploads: validate MIME types, enforce size limits, and never trust the file extension
5. Insecure Dependency Choices
The Risk: AI models recommend packages based on popularity in training data โ which is often years out of date. They'll suggest packages that have been deprecated, abandoned, or found to have critical CVEs since the model was trained.
Worse, they sometimes hallucinate package names entirely. In the npm and PyPI ecosystems, this has led to actual dependency confusion attacks where malicious actors publish packages matching AI-hallucinated names.
Why AI Does This: The model's knowledge of the package ecosystem is frozen at its training cutoff. It doesn't know that `event-stream` got compromised or that `left-pad` doesn't exist anymore.
The Fix: - Run `npm audit` / `pip audit` / `cargo audit` after every AI-assisted session - Verify that recommended packages actually exist and are actively maintained - Use lockfiles and pin versions - Check the package's GitHub repo โ look for recent commits, open issues, and download counts
6. Broken Error Handling That Leaks Information
The Risk: AI-generated error handlers love to be helpful. Too helpful. They'll return full stack traces, database connection strings, internal file paths, and query details right in the HTTP response.
```javascript app.use((err, req, res, next) => { res.status(500).json({ error: err.message, stack: err.stack }); }); ```
This is a goldmine for attackers doing reconnaissance.
Why AI Does This: Detailed error messages are helpful during development. The AI doesn't distinguish between dev and prod contexts โ it generates whatever's most "complete."
The Fix: - Use different error handlers for development and production - In production, return generic error messages with an error ID for internal lookup - Log full details server-side, never client-side - Never expose database errors, file paths, or stack traces to end users
```javascript app.use((err, req, res, next) => { const errorId = crypto.randomUUID(); logger.error({ errorId, err }); res.status(500).json({ error: "Something went wrong", errorId }); }); ```
7. Insecure Cryptography and Token Generation
The Risk: AI regularly generates code that uses `Math.random()` for tokens, MD5 for password hashing, or custom encryption schemes that would make a cryptographer cry. We've seen AI produce JWT implementations with `none` algorithm support, session tokens generated from timestamps, and password "encryption" using Base64.
Why AI Does This: Cryptography is hard, and training data is full of bad examples. The model doesn't understand that `Math.random()` isn't cryptographically secure โ it just knows it produces numbers.
The Fix: - Use `crypto.randomUUID()` or `crypto.getRandomValues()` for tokens - Use bcrypt, scrypt, or Argon2 for password hashing โ never MD5 or SHA-256 alone - Use established JWT libraries and explicitly reject the `none` algorithm - Never roll custom crypto. Ever. Use `libsodium` or your platform's built-in crypto module
The Bigger Picture: Vibe Coding Needs a Safety Net
Look โ we're not anti-AI coding. We literally build tools for it. AI code generation is the biggest productivity leap since version control, and the vibe coding movement is putting real power in the hands of builders who'd otherwise be stuck.
But speed without security is just technical debt with a fuse attached.
The pattern we see over and over:
- Developer prompts AI for a feature
- AI generates code that works
- Developer ships it (it works!)
- Nobody reviews the security implications
- Vulnerability sits in production until someone finds it
The fix isn't "stop using AI." The fix is adding a security layer to your AI-assisted workflow.
### What a Secure Vibe Coding Workflow Looks Like
- Generate โ Use your [AI coding tool](/blog/best-ai-coding-tools) of choice to write code fast
- Scan โ Run the output through a security scanner like [VibeSniffer](https://vibesniffer.com) before committing
- Review โ Actually read the security-relevant parts (auth, input handling, crypto, SQL)
- Test โ Run your security tests and dependency audits
- Ship โ Now you can ship with confidence
Your Action Items
Here's what to do this week:
- Audit your last 5 AI-generated commits for the patterns above
- Add a secrets scanner to your CI pipeline (takes 10 minutes)
- Set up [VibeSniffer](https://vibesniffer.com) to catch AI-specific security anti-patterns
- Add input validation to any endpoint that's currently trusting raw user data
- Switch any `Math.random()` token generation to `crypto.randomUUID()`
AI is the copilot. You're still the pilot. And the pilot checks the instruments before takeoff.
---
*Building something with AI? [VibeSniffer](https://vibesniffer.com) scans your codebase for the exact security anti-patterns AI tools produce. Check it out โ your future self will thank you.*
*Want the full vibe coding toolkit? Grab the [Vibe Coder Starter Kit](https://wolfpacksolution.gumroad.com) โ templates, prompts, and workflows for shipping fast without shipping vulnerabilities.*
---
๐บ Free Resource: Get 200 AI coding prompts free โ [wolfpacksolution.gumroad.com/l/ai-prompt-pack](https://wolfpacksolution.gumroad.com/l/ai-prompt-pack)
๐ More from WolfPack: [DeFi Toolkit ($9)](https://wolfpacksolution.gumroad.com/l/vrioms) ยท [Vibe Coder Kit ($14)](https://wolfpacksolution.gumroad.com/l/knrqqt)