Your AI Wrote That Code. Did It Also Leave the Door Open?
I had an uncomfortable realisation recently while auditing my own projects.
I've been building fast. Web apps, data dashboards. Using AI tools to accelerate everything. And somewhere in the middle of all that momentum, I stopped reading the code as carefully as I used to. Not because I stopped caring. Because the output looked fine. It ran. It shipped.
That's exactly the problem.

What's Actually Happening Right Now
This isn't a theoretical risk. The data from Q1 2026 is genuinely alarming.
Researchers at Georgia Tech have been tracking CVEs directly caused by AI-generated code. In January 2026 there were 6. By February, 15. By March, 35. That's not a blip. That's a curve.
Between 40 and 62% of AI-generated code contains security vulnerabilities, depending on the study. In Q1 2026, 91.5% of vibe-coded apps had at least one AI hallucination-related flaw. And the Lovable platform — valued at $6.6 billion with eight million users — spent the past two months dealing with incidents that collectively exposed source code, database credentials, AI chat histories, and personal data of thousands of users.
The supply chain situation is just as bad. In March 2026, the LiteLLM package on PyPI was compromised, potentially exposing 500,000 credentials including API keys for Meta, OpenAI, and Anthropic. In April, a Bitwarden CLI package on npm was hijacked with a payload specifically designed to harvest credentials from AI coding tools including Claude Code, Cursor, Codex CLI, and Aider.
And here's the part that got my attention: stolen data was uploaded to private Hugging Face datasets, meaning malicious traffic blended seamlessly with everyday AI research activity and easily evaded scrutiny.
The tools we trust are becoming the attack surface.
A Quick Audit You Can Run Today
If you've been building with AI tools and haven't checked your projects, here's where to start. This is not exhaustive. It's the minimum.
Step 1 — Scan for secrets accidentally committed to git
brew install gitleaks
gitleaks detect --source=. -v
If you've ever pasted an API key into a file and committed it, even briefly, this will find it: gitleaks detect walks the full git history, not just the current checkout, so a key that was removed in a later commit still shows up.
Step 2 — Audit your Python dependencies
pipx install pip-audit
pip-audit
pip-audit checks whatever is installed in the current environment. To check a pinned requirements file instead, run pip-audit -r requirements.txt. Install it with pipx or inside the project's virtualenv; don't reach for --break-system-packages, which turns off the guard that stops pip from overwriting the OS-managed Python.
Step 3 — Audit your Node dependencies
npm audit --audit-level=moderate
Run it from the project root; npm audit needs a package-lock.json to know which exact versions to check.
Step 4 — Check for dangerous patterns in your own code
grep -rnE '(^|[^A-Za-z0-9_])(eval|exec|os\.system|base64\.(b64|urlsafe_b64)?decode)([^A-Za-z0-9_]|$)' . \
--include="*.py" --include="*.js" \
--exclude-dir=node_modules --exclude-dir=.git
The boundary groups keep exec from matching every execute, and the base64 alternation covers b64decode, which a plain base64.decode pattern misses. Expect some noise; the point is to read every hit and ask whether user-controlled data can reach that call.
Step 5 — Verify no .env files are tracked in git
git ls-files | grep -iE '(^|/)\.env(\.|$)|\.(key|pem|p12|pfx)$|secret|credential'
A committed .env.example or .env.template with empty values is fine; a committed .env with real values is not. git ls-files only lists what is tracked now, so a secret file that was deleted later is still in history, which is what step 1 is for.
That's it for a first pass. It takes less than ten minutes and most people have never done it.
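The five steps as one script, added here as a worked example; it is not code from the original post. Steps 4 and 5 and a loose-pin check become functions that run offline against a constructed fixture (make_fixture builds a throwaway directory containing the classic mistakes), the grep gets explicit word boundaries and adds child_process, execSync and pickle.loads to the page's pattern list, and the external tools from steps 1 to 3 are only invoked when AUDIT_EXTERNAL=1 is set and the tool is installed. Function and variable names are my own.

```shell
#!/bin/sh
# Added example, not from the original post: the five-step first pass as
# reusable shell functions. make_fixture builds a constructed throwaway
# project containing the mistakes the checks look for, so the run at the
# bottom is reproducible; pass a real project directory as $1 instead.

make_fixture() {
  d=$(mktemp -d)
  mkdir -p "$d/app" "$d/keys" "$d/node_modules/leftpad"
  cat > "$d/app/main.py" <<'EOF'
import os, subprocess
cmd = input()
os.system("ls " + cmd)          # shell injection: user input in a shell string
result = eval(cmd)              # arbitrary code execution
print(subprocess.run(["ls"]))   # list form, no shell: not flagged
EOF
  cat > "$d/app/server.js" <<'EOF'
const { exec } = require("child_process");
exec("ls " + req.query.dir);
const executeLater = () => {};  // name merely starts with those letters: not flagged
EOF
  printf 'OPENAI_API_KEY=sk-constructed-not-a-real-key\n' > "$d/.env"
  printf 'OPENAI_API_KEY=\n' > "$d/.env.example"
  printf 'not a real key\n' > "$d/keys/deploy.pem"
  printf 'eval("x")\n' > "$d/node_modules/leftpad/index.js"
  printf '{"dependencies":{"express":"^4.18.2","lodash":"4.17.21","react":"*"}}\n' > "$d/package.json"
  printf 'requests>=2.0\nflask==3.0.0\n' > "$d/requirements.txt"
  printf '%s\n' "$d"
}

# Step 4, tightened: word boundaries so "exec" does not match "execute",
# vendored and virtualenv trees skipped. execSync, child_process and
# pickle.loads are additions to the page's list.
dangerous_patterns() {
  grep -rnE --include='*.py' --include='*.js' --include='*.ts' \
    --exclude-dir=node_modules --exclude-dir=.git --exclude-dir=.venv \
    -e '(^|[^A-Za-z0-9_])(eval|exec|execSync|os\.system|base64\.(b64)?decode|pickle\.loads|child_process)([^A-Za-z0-9_]|$)' \
    "$1"
  return 0   # zero hits is not an error for the caller
}

# Step 5: filter a path list (git ls-files in a real repo) down to files
# that look like secret material, letting committed templates through.
flag_secret_paths() {
  grep -iE '(^|/)\.env(\.|$)|\.(key|pem|p12|pfx)$|secret|credential' \
    | grep -viE '\.(example|sample|template)$'
  return 0
}

# Pinning check: versions that can float. Text heuristics, not a parser;
# assumes one requirement per line in requirements.txt.
loose_pins() {
  if [ -f "$1/package.json" ]; then
    grep -onE '"[^"]+" *: *"([~*^><=]|latest)[^"]*"' "$1/package.json" \
      | sed 's/^/package.json:/'
  fi
  if [ -f "$1/requirements.txt" ]; then
    grep -nE '^[^#-]' "$1/requirements.txt" | grep -v '==' \
      | sed 's/^/requirements.txt:/'
  fi
  return 0
}

# Run everything. Prints the findings and, last, their count, which a CI
# job can turn into a gate. Steps 1-3 need the tools and network, so they
# only run when AUDIT_EXTERNAL=1; their own output is the report.
run_audit() {
  dir=$1
  if [ "${AUDIT_EXTERNAL:-0}" = 1 ]; then
    command -v gitleaks >/dev/null 2>&1 && [ -d "$dir/.git" ] && gitleaks detect --source="$dir" -v || true
    command -v pip-audit >/dev/null 2>&1 && [ -f "$dir/requirements.txt" ] && pip-audit -r "$dir/requirements.txt" || true
    command -v npm >/dev/null 2>&1 && [ -f "$dir/package-lock.json" ] && (cd "$dir" && npm audit --audit-level=moderate) || true
  fi
  findings=$(
    dangerous_patterns "$dir"
    (cd "$dir" && { [ -d .git ] && git ls-files || find . -type f; }) | flag_secret_paths
    loose_pins "$dir"
  )
  [ -n "$findings" ] && printf '%s\n' "$findings"
  printf '%s\n' "$findings" | grep -c . || true
}

run_audit "${1:-$(make_fixture)}"
```

Against the fixture this reports nine lines (four dangerous calls, the real .env plus the .pem, and three floating versions) and leaves node_modules, .env.example and the exact pins alone; run it as sh audit.sh /path/to/project to point it at real code.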
Habits That Actually Help
These aren't one-time fixes. They're the baseline I'm now holding myself to.
Read the code AI generates before running it. Not every line. But every file that touches auth, credentials, or external APIs. AI hallucinates permissions. It adds network calls you didn't ask for. It misconfigures database access. The output looks clean because it's well-formatted, not because it's safe.
Never commit a secret. Ever. Use .env files, and add them to .gitignore before you write a single line. Use a secrets manager like Doppler or AWS Secrets Manager for anything production-facing. GitHub's secret scanning can catch it after the fact, but once a key has been committed and pushed, assume it's compromised: rotate it, don't just delete the line.
Run npm audit and pip-audit regularly. Attackers are now publishing malicious versions of legitimate packages through compromised maintainer accounts in coordinated campaigns, hitting well-known projects across both npm and PyPI in the same wave. Weekly is not paranoid. It's appropriate.
Pin your dependencies. Loose version ranges like ^1.2.0 mean you can get a different package next week than you tested with. A malicious @bitwarden/cli version was published that impersonated the legitimate CLI, executed a credential-stealing payload, and self-propagated by backdooring every npm package the victim could publish. Pinning doesn't fully prevent this (the poisoned release can be the one you pin to), but it reduces your exposure window. Commit the lockfile and install from it (npm ci rather than npm install) so the versions you tested are the versions that ship.
Check what's actually installed before you install it. For Homebrew, brew cat <package> shows you the formula. For PyPI and npm, look at the maintainer account: how old is it? How many other packages? A 3-day-old account with one package that does something useful is a red flag.
Rotate credentials on a schedule. GCP service accounts, AWS keys, API tokens. If you can't remember when you last rotated them, rotate them now. This is boring work. It's also the work that matters most.
Be careful with third-party Homebrew taps and AI model sources. Attackers are actively abusing AI platforms like Hugging Face for malware delivery, exploiting trust in AI ecosystems to embed malicious functionality that can trigger further actions through AI-driven workflows. The trust we extend to these platforms is the attack vector.
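One way to make "never commit a secret" enforceable rather than a resolution, added here as an example and not taken from the post: a pre-commit hook that reads the staged diff and refuses the commit when an added line has the shape of a credential. The shapes are the AKIA prefix of AWS access key IDs, sk- tokens of the kind OpenAI issues, PEM private-key headers, and a generic NAME=<quoted value> where the name contains key, secret, token or password. sample_diff is constructed input; function names and the SECRET_LINE_RE variable are my own.

```shell
#!/bin/sh
# Added example, not from the original post: a pre-commit gate for the
# "never commit a secret" habit. Reads a unified diff on stdin and flags
# added lines that look like credentials; sample_diff is constructed input.

# Key shapes: AWS access key IDs, OpenAI-style sk- tokens, PEM private-key
# headers, and NAME=<quoted 8+ chars> where NAME smells like a secret.
# Heuristic by design: the cheap check that runs before gitleaks would.
SECRET_LINE_RE="AKIA[0-9A-Z]{16}|sk-[A-Za-z0-9_-]{20,}|-----BEGIN [A-Z ]*PRIVATE KEY-----|(api[_-]?key|secret|token|password)[^=:]{0,20}[=:][[:space:]]*[\"'][^\"']{8,}"

# Keep only added lines (not the +++ file header), then match the shapes.
scan_added_lines() {
  grep -E '^\+' | grep -vE '^\+\+\+ ' | grep -iE -e "$SECRET_LINE_RE"
  return 0   # no hits is a clean result, not an error
}

# Exit status is the gate: 1 when any added line matched, 0 otherwise.
gate_diff() {
  hits=$(scan_added_lines)
  if [ -n "$hits" ]; then
    printf 'Refusing commit: staged lines look like secrets\n%s\n' "$hits" >&2
    return 1
  fi
  return 0
}

# Constructed diff: two real-looking keys, one env lookup that is fine,
# and one harmless line. The values are made up and not valid anywhere.
sample_diff() {
  cat <<'EOF'
diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1,2 +1,5 @@
 import os
-OPENAI_API_KEY = os.environ["OPENAI_API_KEY"]
+OPENAI_API_KEY = "sk-proj-CONSTRUCTEDEXAMPLE0000000000000000"
+AWS_ACCESS_KEY_ID = "AKIACONSTRUCTEDEX012"
+GITHUB_TOKEN = os.environ["GITHUB_TOKEN"]
+DEBUG = True
EOF
}

# Installed as .git/hooks/pre-commit (chmod +x) git runs this under that
# name, so gate the staged diff; run by hand, demo the detector instead.
case "${0##*/}" in
  pre-commit) git diff --cached -U0 --no-color | gate_diff ;;
  *)          sample_diff | scan_added_lines ;;
esac
```

On the sample the two hardcoded keys are reported and the os.environ lookup is not, which is the distinction that matters: reading a secret from the environment is the pattern you want, pasting it into source is the one the hook blocks. A developer can still bypass it with git commit --no-verify, so it complements rather than replaces the history scan in step 1.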
The Honest Caveat
I'm not a security professional. I'm a builder who got serious about this after looking at the 2026 numbers and recognising my own habits in the risk profile.
The vibe coding reckoning isn't coming. It's here. And it's targeting exactly the kind of developer who builds fast, ships often, and trusts the AI output because it works.
Working and safe are not the same thing.
I'm still tightening my own setup. I'm running these audits across my active projects this week. If you've been building with AI tools and haven't done a security pass yet, this is a reasonable place to start.
What's the security check you've been meaning to do but keep putting off? I'm genuinely curious what the gap is for most builders.