Study of 44 Developers: AI Code Assistants Barely Improve Secure API Usage
arXiv·high signal
A controlled study of 44 developers (arXiv 2607.11348) finds AI code assistants marginally improve correctness but do not meaningfully improve secure usage of security-sensitive APIs. It's an evidence-based cautionary data point for teams assuming copilots automatically harden code. Practitioners should keep security review in the loop rather than trust assistant output on crypto/auth APIs.