AI coding assistants are trained on public repositories. This means they have internalised every insecure pattern, every vulnerable snippet, and every deprecated API call that has ever been committed to GitHub. When they generate code for your team, they reproduce these patterns with perfect confidence — and your CI pipeline has no way to tell the difference.
The new threat model
The traditional security pipeline — dependency scanning, SAST, DAST — was built for a world where developers wrote code intentionally. Every vulnerability had a traceable origin: a developer who misunderstood an API, a library with a known CVE, a configuration that drifted.
AI-generated code breaks this model. The vulnerabilities it introduces don't come from ignorance or negligence — they come from statistical patterns in training data. The AI doesn't know that the auth pattern it just generated was deprecated in 2023. It doesn't know that the SQL query it wrote is safe against the injection vectors in your test suite but vulnerable to a unicode normalisation attack it has never seen.
Common AI-introduced security patterns that bypass traditional scanners:
- Outdated cryptography — AI generates
MD5orSHA1hashes for security-sensitive operations because that's what most training data contains - Permissive CORS configuration —
Access-Control-Allow-Origin: *in API routes because the AI copied from tutorial code - Insufficient input sanitisation — validation that covers the happy path but misses encoding edge cases
- Hardcoded secrets in examples — AI interpolates placeholder secrets that look like real values and pass basic regex scanners
- Timing-safe comparison bypass — using
===instead ofcrypto.timingSafeEqualfor token comparison
How autter catches what scanners miss
autter doesn't replace your existing security tooling — it adds a layer of contextual, AI-aware analysis that understands why certain patterns are dangerous in your specific codebase.
Pattern-aware vulnerability detection
autter maintains a continuously updated catalogue of AI-generated vulnerability patterns — the specific ways AI assistants tend to produce insecure code. This goes beyond generic SAST rules:
// Traditional SAST: no finding (syntactically correct, type-safe)
// autter: SECURITY — timing-unsafe token comparison
// Risk: allows timing attacks to leak token contents byte-by-byte
export async function verifyApiKey(provided: string, stored: string) {
// AI-generated: looks correct, passes type checks
return provided === stored;
// autter suggests:
// return crypto.timingSafeEqual(
// Buffer.from(provided),
// Buffer.from(stored)
// );
}Dependency chain analysis
When AI suggests adding a dependency, autter evaluates the entire transitive dependency tree — not just for known CVEs, but for behavioural anomalies:
| Check | What autter looks for |
|---|---|
| Known vulnerabilities | CVE database + GitHub Security Advisories |
| Behavioural anomalies | New network calls, filesystem access changes, env var reads in recent versions |
| Maintainer reputation | Single-maintainer packages, recent ownership transfers |
| Supply chain signals | Typosquatting, star inflation, sudden publish frequency changes |
| License compatibility | Copyleft contamination in permissive-licensed projects |
Secrets detection with context
Generic secret scanners use regex patterns and entropy analysis. They catch AKIA... and ghp_... patterns — but miss secrets that are contextually dangerous:
# Generic scanner: no finding (not a standard secret pattern)
# autter: WARNING — database connection string with credentials
# embedded in source. Use environment variables.
DATABASE_URL = "postgresql://admin:Prod2026$ecure@db.internal:5432/main"autter understands that this string contains credentials not because of its format, but because of its role in the codebase — it's being passed to a database connection constructor.
Enforcement at the merge gate
Security findings in autter are categorised by severity and enforced before merge:
# autter.config.yml
security:
# Block merge on critical/high findings
block_on:
- critical
- high
# Warn but allow merge on medium
warn_on:
- medium
# Auto-approve known false positives
allowlist:
- rule: timing-unsafe-comparison
path: "tests/**" # OK in test code
reason: "Test assertions don't need timing safety"
# Require security team review for specific paths
require_review:
- path: "src/auth/**"
team: "@security-team"
- path: "src/payments/**"
team: "@security-team"Real-world example
A SaaS team using Copilot for a payments integration noticed autter flagging a series of issues in a single PR:
- Critical — The AI-generated webhook handler didn't verify the signature of incoming Stripe events, allowing anyone to forge payment confirmations
- High — The error handler logged the full request body, which contained credit card tokens, to the application's general log stream
- Medium — The retry logic used exponential backoff but without jitter, creating thundering herd risk under load
All three issues passed the team's existing CI pipeline — TypeScript compiled, tests passed, the Stripe SDK was correctly imported. The issues were semantic: the code did what it said, but what it said wasn't safe.
Defence in depth
autter works alongside your existing security tools, not instead of them:
| Layer | Tool | What it catches |
|---|---|---|
| Dependencies | Dependabot / Snyk | Known CVEs in direct and transitive deps |
| Static analysis | Semgrep / SonarQube | Generic vulnerability patterns |
| AI-aware merge gate | autter | AI-specific vulnerability patterns, contextual analysis, convention enforcement |
| Runtime | WAF / RASP | Exploitation attempts in production |
The merge gate is the last checkpoint before code reaches your deployment pipeline — and the first checkpoint that understands the difference between human-written and AI-generated code.
Getting started
# Enable security analysis on your repo
npx autter init --security
# Run a one-time security audit on your existing codebase
npx autter audit --security --since="30 days ago"autter's security analysis is included in all plans. No additional configuration needed beyond connecting your repository.
