Understanding the (In)Security of Vibe-Coded Applications
arXiv·high signal
A systematic study of applications built through 'vibe coding' — natural-language interaction with AI agents — finds that the speed of LLM-driven app generation routinely outpaces security review, leaving common classes of vulnerabilities in shipped code. For builders relying on agentic coding daily, it's a direct empirical caution: AI-generated apps need an explicit security pass, not just functional acceptance.