AI coding assistants are transforming software development. The debate is no longer about whether to adopt them, but how to integrate them without compromising platform security, code quality, or operational compliance.
AI has changed the economics of code production
Whether you're developing software in a proprietary enterprise or open source environment, you've witnessed a fundamental shift over the past year. Your developers are using AI coding assistants (GitHub Copilot, Cursor, Claude Code, ChatGPT Codex, etc.) to accelerate development. Productivity gains are real—features can ship faster and developers can spend more time on architecture and less on writing repetitive code.
But this acceleration introduces new challenges for enterprise teams.
Developers: AI generates code in seconds that would take hours to write manually. The temptation to merge without thorough review is strong, especially under deadline pressure.
Architects: It's becoming more complicated to maintain security standards, code quality, and architectural consistency across teams generating AI-assisted code at an unprecedented scale.
Security teams: Increased code review volume and speed. Pull requests and issues reports arrive faster, contain more code, and require scrutiny for AI-specific vulnerabilities that haven’t been seen before.
This isn't just an enterprise problem. At Red Hat, we’re observing the same pattern in open source communities as well. A maintainer shared their experience with this AI-generated pull requests (PRs) in the blog post, "Open source has a bot problem." Maintainers need to review machine-generated contributions at machine speed but with human-level attention. The enterprise faces the same challenge with higher stakes. A security vulnerability in production doesn't just affect reputation, it impacts revenue, compliance, and customer trust.
Security risks are documented and material
The Open Worldwide Application Security Project (OWASP) Agentic Top 10 for 2026 identifies security threats in this new development era and almost half are connected to AI-assisted development:
- ASI02: Tool Misuse and Exploitation: AI-crafted code can trigger trusted legitimate tools (like CI/CD testing) to perform malicious actions
- ASI04: Agentic Supply Chain Vulnerabilities: AI assistants may introduce dependencies with known CVEs or incompatible licenses
- ASI05: Unexpected Code Execution: Generated code may bypass security controls or execute with unintended privileges
- ASI09: Human-Agent Trust Exploitation: Developers over-trust AI output and skip validation steps
These risks are manifesting in enterprise systems today, resulting in an expanded attack surface. With AI-generated coding, threats range from the distracting noise of AI "slop" and systemic maintainer burnout to sophisticated social engineering and CI/CD pipeline compromises and catastrophic software supply chain attacks. Far from a hypothetical warning matrix, each layer of this compounding threat is backed by documented, real-world incidents. To survive it, your traditional security workflow needs to evolve as well.
As we transition toward a comprehensive AI software development lifecycle (AI-SDLC), enterprises must adopt a rigorous, multilayered defense posture at every phase of the pipeline, spanning from code development and review to automated testing and final deployment. Protecting these highly autonomous systems requires complex operational frameworks, using isolation techniques such as AI agent sandboxing. Yet, while fortifying the entire agentic architecture is essential, let's focus on one foundational and incredibly critical piece of this broader AI security strategy: how to practically make AI-assisted coding safer for developers and architects right now.
A 3-pillar framework for AI-assisted coding
AI-assisted development in the enterprise requires coordinated action across policy, skills, and automation.
1. Policy: Establish governance and accountability
Enterprise leaders need to clearly define their approach to AI code generation. Some enterprises still ban the use of AI assistants in production while others allow unrestricted use. Both approaches are bound to fail.
Banning AI assistants drives developers to shadow IT where they use unapproved tools without security oversight, leading to a lack of visibility and control. Unrestricted use, on the other hand, creates compliance and security gaps. Developers merge AI-generated code without understanding licensing implications, security risks, or architectural misalignment. The effective approach is to define a clear AI-assisted development policy that balances innovation with governance. We see these patterns equally applicable to enterprise and open source development. For example, Red Hat helped the Fedora Project to come up with a responsible and meaningful AI Contribution Policy that was agreed upon by all community leaders.
Red Hat has also published AI-assisted development: Supercharging the open source way, which includes 7 principles for AI-assisted code development, based on both internal practices and open source community experience. Here are some of the practical suggestions for developers:
- Human accountability: The developer submitting AI-generated code owns the security and quality outcomes. AI doesn't sign commits, developers do.
- Engineering best practices: Code review, testing, CI/CD gates, and security scans don't disappear because AI wrote the code.
- Security-conscious: AI-generated code should be treated as untrusted input until validated.
- Security-focused prompts: Developers must learn to prompt AI assistants toward security-focused patterns. Before submitting code, ask your AI assistant to identify security issues, edge cases, or logic errors.
For architects and engineering leaders, these principles translate into actionable governance:
- AI tools: Standardize on enterprise-licensed AI coding assistants with appropriate data governance and privacy controls.
- Developer guidelines: Extend existing code review, security, and quality standards to explicitly address AI-generated code.
- Accountability: Developers own AI-assisted code. Managers enforce accountability in code reviews and post-incident reviews.
2. Skills: Security-focused use of AI
Software development uses AI tools now, but knowledge is still uniquely human. Security-focused prompting isn't intuitive and isn't something you can fully outsource to AI. Developers need training on how to guide AI assistants toward security-focused, maintainable code. Red Hat experts collaborated with other industry leaders to release OpenSSF Security-Focused Guide for AI Code Assistant Instructions that provides practical patterns for secure prompting and Linux Foundation's Secure AI/ML-Driven Software Development course (free for everybody) offers foundational training on AI security risks and mitigation strategies.
But there's a more powerful approach emerging: embedding security skills directly into AI tools. Red Hat Product Security has open sourced prodsec-skills, a library of more than 130 security skills that AI coding assistants can use while writing, testing, and auditing code.
What are security skills?
Security skills encode security best practices, security-focused architecture guidance, software supply chain hardening, and vulnerability testing strategies in a format AI assistants can read and apply. Instead of relying on developers to remember every secure coding principle, skills embed expertise directly into the AI's workflow.
The library is constantly evolving, but it currently includes:
Category | Skills | Purpose |
Secure development | 113 | Building security-centric software: cryptography, supply chain security, AI/agentic infrastructure, technology-specific hardening |
Security testing | 17 | Vulnerability discovery through fuzzing and static analysis |
Security auditing | 4 | Security review workflows and differential code analysis |
Developer tooling | 4 | General development best practices |
Skills are tool-agnostic—they work with Claude Code, Cursor, GitHub Copilot, ChatGPT, and any AI assistant that can read Markdown files.
How can developers use AI skills
When reviewing API handler code for security risks, a developer can prompt their AI assistant to use an input-output-sanitization skill to review for injection vulnerabilities. The assistant reads the skill, applies structured security guidance, and surfaces issues the developer might have missed.
To streamline skills deployment across enterprises, you can use AI context package manager LoLa to install only skills that you trust. Use the following command to instantly equip your development environment with localized secure development intelligence without any tedious manual configuration.
lola mod add https://github.com/RedHatProductSecurity/prodsec-skills.git
lola install prodsec-skills --assistant claude-code3. Automation: Build AI-aware CI/CD pipelines
Manual code review can't scale to meet AI speed. In the popular open source projects and in enterprises where dozens of developers submit AI-assisted code daily, human review becomes a bottleneck. The solution is to build an AI-aware CI/CD pipeline.
A modern enterprise pipeline for AI-generated code looks something like this:
[Alt text: AI-generated code pipeline]
Each stage serves a specific purpose:
AI slop filter: Use commit message analysis, code churn metrics, and test coverage thresholds to flag low-quality AI submissions. Fortunately, you don't have to build these defenses from scratch. The open source community is actively delivering solutions like Anti Slop. This is a tool that grades pull requests across 31 criteria, giving reviewers a clear, data-driven idea of overall code quality even before they begin reading.
SAST/DAST (Static Application Security Testing, Dynamic Application Security Testing): AI-generated code is just as vulnerable to SQL injection, cross-site scripting (XSS), and other classic OWASP Top 10 issues. AI tools should be built to scan for AI-specific vulnerabilities (prompt injection, unexpected code in the instruction files, trust exploitation). Check out RapiDAST, an open source API and large language model (LLM) red team scanner, developed and open sourced by Red Hat.
Dependency and CVE scan: AI assistants often suggest libraries without understanding their security posture. Automated scanning catches dependencies with known vulnerabilities or licensing conflicts before merge. There are plenty of open source and commercial secure composition analysis (SCA) tools that help you to block merges with vulnerable dependencies.
AI-assisted code review: Use AI to review AI-generated code. Tap the growing ecosystem of automated review tools, many of which provide free tiers for open source repositories. To get a clear idea of how this capability works, check out the AI Code Review tool, which was built and open sourced by the engineering team at Red Hat.
Human review: Humans are still needed to review flagged issues, validate architectural decisions, and make the final call on merge safety. Automation raises the baseline quality and filters noise, but humans retain final authority and accountability. When code reaches the human review stage, most automated checks have passed, allowing reviewers to focus on architecture, business logic, and edge cases rather than syntax and common vulnerabilities.
The vulnerability management challenge doesn't disappear
Besides dealing with an increased volume of code contributions, open source projects and companies are dealing with a growing avalanche of vulnerability reports. According to FIRST (Forum of Incident Response and Security Teams) Vulnerability Forecast for 2026, it is entirely realistic that we will see up to 100,000 vulnerabilities registered in 2026, which is more than double compared to 2025.
Here's a critical question for enterprise leaders: Can your organization pause vulnerability management, just because there are too many reports?
Of course not. AI-generated issues don't reduce your security workload but it increases it. You still need to:
- Patch CVEs in dependencies
- Respond to security advisories
- Triage vulnerability reports
- Maintain compliance or industry-specific regulations
AI-powered tools help researchers or developers report potential vulnerabilities faster than ever before. Your security team needs tools to keep pace processing them.
Red Hat Product Security built Project Aegis-AI to accelerate security analysis using AI. It helps security teams triage vulnerabilities, assess impact, and prioritize remediation without sacrificing rigor.
Whether you’re handling incidents in an enterprise or reviewing vulnerability reports as an open source maintainer, the reality is the same: you must be ready for the flood of reported CVEs and prepare to navigate the Mythos-haunted world of platform security. As stated in the 2025 Red Hat Product Security Risk Report, we tracked active exploitation of vulnerabilities that were first disclosed years earlier, including a Linux kernel flaw from 2021 that only appeared in CISA’s Known Exploited Vulnerabilities catalog in October 2025.
As both AI-assisted development and accelerated vulnerability hunting shrinks time-to-exploitation from months to days to hours, ignorance or further technical debt growth are no longer options.
What enterprise teams can start doing today
There needs to be a concerted effort at all levels of the organization, but start today and start simple. Engineering leaders need to define AI code policy and establish clear guidelines on approved AI tools, acceptable use, and accountability. The CI/CD pipelines need to be AI ready and be able to detect low-quality AI contributions, scan for AI-specific vulnerabilities, and enforce AI-assisted but still human-touched review before production merges.
The developers should assume AI-generated code has bugs and never merge AI output without reading, testing, and understanding it. They should use security-focused prompts and guide AI assistants toward secure patterns—reference OpenSSF guide for examples. They should also leverage security skills by installing prodsec-skills and referencing them when writing security-sensitive code. When submitting a pull request (PR), write meaningful commit messages and PR descriptions explaining what the code does and why.
Bottom line
AI coding assistants are productivity multipliers but only when used with discipline, governance, and security rigor. The enterprises that succeed with AI-assisted development will:
- Establish clear policies that balance innovation with accountability.
- Train developers to use AI securely and responsibly.
- Build automated quality gates that scale with AI-generated code volume.
- Maintain robust vulnerability management and compliance programs.
AI is a tool, not a developer. Treat it accordingly.
Learn more
Policy and governance
Developer training
- Security-Focused Guide for AI Code Assistant Instructions (Open Source Security Foundation OpenSSF)
- Secure AI/ML-Driven Software Development (Linux Foundation no-cost training)
Tools and libraries
Security frameworks
Community and standards
关于作者
Roman is a cybersecurity expert with 17+ years of experience securing complex systems and products. Roman leads open-source security strategy and cross-industry collaboration at Red Hat. Formerly, he led Product Security & Privacy for Data Center and AI software at Intel. Roman contributes to global open-source security initiatives and standardization efforts, including the EU Cyber Resilience Act. He is also a university lecturer, startup advisor, and mentor, advocating for practical and responsible cybersecurity.
Ishu Verma is an AI Solution Architect at Red Hat dabbling in emerging technologies like AI Ops, AI safety and security. He, along with fellow open source hackers, works on building enterprise focused solutions with open source technologies. Prior to Red Hat, Ishu worked in technical marketing at Intel on IoT Gateways and building end-to-end IoT solutions with partners.
