- Last year I thought that AI-generated code would be scanned the same way as human-generated code. What I realized from working on Guardian was that being in the agent loop is an unfair advantage: you can ask the agent to switch to a secure library (e.g., defusedxml for Python) and it will happily do it before code lands. If you asked a developer to do that in a CI code review, it's a lot more context switching and work.
That means there is an unprecedented opportunity to make both security and developer outcomes better by shaping agent behavior towards secure defaults. Even things like "don't add dependencies unless these conditions are met; we only want top1000 NPM dependencies, otherwise just write it yourself."
Capabilities like this will have a big impact on the OSS ecosystem (positive and negative) as they proliferate.