
I Built a Linter That Catches Security Bugs AI Assistants Keep Writing
I’ve been watching AI coding assistants write the same security bugs for two years. Not random bugs — the same predictable, systematic auth anti-patterns, over and over. So I built a linter that catches them before they ship. Here’s what I found when I scanned 132 AI-generated repositories: 27% had at least one authentication security finding. 18% had a HIGH+ severity finding. The most common pattern — non-constant-time secret comparison — showed up in 13% of repos. That’s not a coincidence. That’s a pattern. ...