AI: Bias and Unreliability

Models sometimes recommend insecure or non-existent code libraries. AI systems often suggest deprecated functions, insecure authentication methods, or libraries with known vulnerabilities. When developers implement these suggestions without verification, they introduce critical vulnerabilities.

The frequency of hallucinated packages using GPT-4

Security research Bar Lanyado published research detailing how one might pose a coding question to an Chat GPT-4 and receive an answer that recommends the use of a software library, package, or framework that doesn't exist.