AI coding agents face reliability, security issues, limiting production use

Mounting new analyses warns AI coding tools suffer errors, security flaws, and operational challenges, requiring continued human oversight for safe deployment.

AI-powered coding agents, touted as productivity boosters, remain unreliable and error-prone, according to a new analysis published by VentureBeat this week.

The assessment, authored by software engineer Rahul Raja and machine learning specialist Advitya Gemawat, has warned that persistent technical flaws prevent these tools from being safely deployed in production environments.

The authors report that AI agents often fail at basic operational tasks, from executing Linux commands within PowerShell to producing repetitive error loops. Such failures force engineers to vigilantly monitor and correct the systems’ output — eroding efficiency gains that vendors frequently advertise. Also:

• Key technical limitations include difficulties navigating mixed operating environments, restricted context windows that prevent the agents from handling large codebases, and unstable performance when dealing with files exceeding 500 KB.
• Frequent “hallucinations” occurred, where systems wrongly categorized valid code as security threats. In one instance, an AI repeatedly flagged a standard Python HTTP-trigger function as unsafe, halting development workflows.
• Security lapses posed additional risks. Many coding agents tested had reverted to outdated authentication mechanisms, such as static client secrets, instead of identity-based access methods — potentially introducing exploitable weaknesses.

The findings add to growing skepticism about agentic AI systems. Other analyses carried by Reuters have projected that more than 40% of such projects could be abandoned by 2027 amid rising operational costs and limited returns. A separate six-month investigation had announced on 6 Dec 2025 the discovery of over 30 security flaws in popular AI development tools — some capable of enabling data exfiltration or remote code execution.

Raja and Gemawat have concluded that, while AI coding software has accelerated prototyping and boilerplate generation, the meaningful deployment of this tool still demands human oversight. According to them, “The real challenge is not generating code but deciding what to deploy, how to secure it, and how to scale it safely.”