An AI State of the Union: We’ve Passed the Inflection Point, Dark Factories Are Coming, and Automation Timelines | Simon Willison

The November 2025 milestone, highlighted by the release of GPT‑5.2 and Opus 4.5, signaled that AI coding agents transitioned from "mostly works" to "actually works." Developers report dramatic productivity gains, with many, like Simon Willison, completing the majority of their work on mobile devices. This rapid adoption is compressing development cycles, enabling real‑time iteration, and prompting a reevaluation of traditional IDE‑centric workflows.

Beyond speed, the emerging "dark factory" paradigm envisions AI systems that not only write code but also perform self‑review, testing, and deployment without human intervention. While this promises unprecedented efficiency, it also amplifies security risks. Prompt injection attacks remain largely unmitigated, and the so‑called lethal trifecta—private data exposure, untrusted content ingestion, and uncontrolled external communication—could precipitate catastrophic failures reminiscent of the Challenger disaster. Robust guardrails, provenance tracking, and continuous monitoring are becoming essential components of any AI‑augmented development stack.

The workforce implications are equally profound. Mid‑career engineers, whose expertise centers on manual coding and debugging, face the greatest displacement risk, whereas junior developers may find new entry points through agentic engineering patterns like red/green TDD, templating, and code hoarding. Companies must invest in upskilling programs, adopt hybrid human‑AI workflows, and prioritize AI security governance to stay competitive. Those that navigate this transition thoughtfully will harness AI’s full potential while safeguarding against its inherent vulnerabilities.