AI code review

Copilot shipped CWEs in 40% of NYU's 2021 scenarios

Why working AI-generated code still gets rejected in security review: functional correctness is not security correctness, and CWEs ride through clean output.