The Core Problem: Pattern Replication Over Security

by davidtechLeave a comment 5 min read 
AI code generators can create code vulnerable to SQL injection. This is one of the most prominent and well-documented security risks associated with the rise of "vibe coding" and AI-assisted software development. While these tools can significantly boost productivity, they often replicate insecure patterns from their training data, leading to critical flaws in the applications they help build.

AI Large Language Models (LLMs) are trained on vast public codebases, which include both excellent, secure examples and poor, outdated, or vulnerable code . The models are optimized to generate functional code that matches a user’s prompt, not necessarily code that adheres to strict security principles. They lack a true understanding of context, architecture, and the potential for malicious input .

This leads to several issues:

  • Unsafe Defaults: The most statistically common way to write a database query in public code might be through string concatenation, so the AI defaults to that.
  • Hallucinated “Security”: AI can sometimes invent non-existent security functions like escapeSQL(), giving developers a false sense of security .
  • Context Blindness: A model doesn’t inherently know which pieces of data are user-controlled and therefore untrusted. This contextual understanding is critical for applying proper sanitization and validation .

A 2025 study by Veracode found that, when given tasks without specific security instructions, LLMs generated insecure functions 45% of the time . Another analysis by Armis Labs showed that an application built with AI assistance could easily accumulate numerous critical vulnerabilities, including SQL injection, cross-site scripting (XSS), and buffer overflows .

Insecure AI-Generated Code Examples

The most common injection flaw is SQL injection (CWE-89), where an attacker can manipulate a database query by inserting malicious SQL code into an input field.

❌ The Insecure Way (What AI Might Generate)

When given a simple prompt like “write code to get a user by ID from the URL,” an AI model might produce this vulnerable PHP code:

<?php
// Insecure Example: AI-generated code vulnerable to SQL injection
$id = $_GET['id']; // User input is taken directly from the URL
$result = mysqli_query($conn, "SELECT * FROM users WHERE id = $id"); // ... and concatenated into the query
?>

If a user sets the id parameter in the URL to 1; DROP TABLE users; --, the query becomes SELECT * FROM users WHERE id = 1; DROP TABLE users; --, which could delete the entire users table. The AI chose the functional but dangerously insecure method of string concatenation.

✅ The Secure Way (What AI Should Generate)

A secure implementation would use parameterized queries (also known as prepared statements). This technique separates the SQL logic from the data, ensuring that user input is treated as data only and cannot be interpreted as executable code.

Here are the safe alternatives in different languages, which a well-prompted AI can generate:

Python (with sqlite3):

import sqlite3

def get_user(user_id):
    # Secure: Using a parameterized query
    query = "SELECT * FROM users WHERE id = ?"
    cursor.execute(query, (user_id,))
    return cursor.fetchone()

PHP (with MySQLi):

<?php
// Secure Example: Using a prepared statement
$id = $_GET['id'];
$stmt = $conn->prepare("SELECT * FROM users WHERE id = ?");
$stmt->bind_param("i", $id); // The user input is bound as a parameter, not part of the SQL string
$stmt->execute();
$result = $stmt->get_result();
?>

C# (with SQL Server):

string query = "SELECT * FROM Users WHERE Name = @name";
using (SqlCommand command = new SqlCommand(query, connection))
{
    // Secure: Using a parameterized query with @name placeholder
    command.Parameters.AddWithValue("@name", userName);
    using (SqlDataReader reader = command.ExecuteReader())
    {
        // Process results
    }
}

The key difference is that the user input ($id, user_id, @name) is passed to the database engine separately from the query structure, making SQL injection impossible.

Recommendations for Secure AI-Assisted Coding

The responsibility for security ultimately lies with the developer. AI is a tool that must be wielded with care. Here’s how to integrate it safely into your workflow:

  1. Adopt a “Secure by Design” Prompting Strategy: The way you prompt the AI has a massive impact on the security of its output. Instead of a vague request, embed security requirements directly into your comments and prompts .
    • Instead of: // Write code to get user by id
    • Use: // Query database for user by name using a parameterized query to prevent SQL injection
  2. Treat AI as a Junior Developer, Not a Senior Architect: Always review, test, and validate every piece of code generated by AI. Do not assume it is correct or secure. Just as you wouldn’t deploy code from an untrained intern without a review, you shouldn’t deploy AI-generated code without scrutiny .
  3. Integrate Automated Security Testing: Shift left by incorporating security tools directly into your development pipeline.
    • Static Application Security Testing (SAST): Use tools like SonarQube or GitHub CodeQL to automatically scan AI-generated code for vulnerabilities like SQL injection as soon as it’s written .
    • Dynamic Application Security Testing (DAST): Test the running application to find vulnerabilities that might only appear during execution.
  4. Establish and Enforce Secure Coding Standards: Your team should have clear, documented guidelines for secure coding (e.g., “always use parameterized queries,” “use approved cryptography libraries”). These standards can be referenced in prompts and used during code reviews to ensure consistency .
  5. Be Wary of “Vibe Coding” Without Oversight: The practice of “vibe coding”—where developers accept AI suggestions without full understanding—is particularly dangerous. It can lead to a “curate’s egg” program that is good in parts but critically flawed in others, accumulating significant security debt and business logic errors . Always maintain human oversight and understanding of the codebase.

Conclusion

AI code generators are powerful tools that can accelerate development, but they are not a replacement for secure coding practices. They excel at producing functional code but can just as easily produce functional code that is dangerously vulnerable. By understanding these risks, prompting for security, and integrating rigorous testing and review processes, development teams can harness the power of AI without compromising the security of their applications.