Vibe Coding Tested: AI Agents Nail SQLi but Fail Miserably on Security Controls

The term "vibe coding"—using generative AI to write software—has moved from experimental labs to mainstream development teams, promising faster delivery cycles and lower staffing costs. Companies can ask a language model to produce functional code with a simple prompt, allowing non‑engineers to contribute to product builds. However, this convenience masks a fundamental trade‑off: AI models excel at reproducing well‑documented patterns but lack innate security awareness. As organizations lean on these tools to stay competitive, the hidden risk of insecure code becomes a strategic liability that security leaders can no longer ignore.

Tenzai’s recent benchmark of five popular coding agents revealed a mixed security picture. Across fifteen applications, the models avoided classic injection flaws such as SQLi and XSS, yet every agent introduced server‑side request forgery (SSRF) vulnerabilities and mishandled authorization checks, allowing unauthorized API access. Business‑logic errors—like permitting negative order quantities or prices—appeared in the majority of outputs, reflecting the models’ dependence on explicit prompt details. Most strikingly, the agents consistently omitted fundamental security controls, such as input validation layers or least‑privilege configurations, indicating that current AI‑assisted development cannot replace disciplined security engineering.

For enterprises, the takeaway is clear: AI‑generated code must be treated as a draft, not production‑ready software. Organizations should embed automated static analysis and dynamic testing into the AI coding workflow, and invest in prompt‑engineering training to ensure security requirements are explicitly encoded. Vendor‑level improvements, like built‑in security heuristics, will likely evolve, but they will not eliminate the need for human oversight. By pairing vibe coding with rigorous security gating, firms can capture productivity gains while safeguarding their applications against the very vulnerabilities that Tenzai’s study uncovered.