InfoWorld argues that AI coding agents expand open source dependency risk by selecting packages, following repository instructions, and importing tool outputs, citing recent npm attacks and research showing agents choose known-vulnerable package versions more often than humans.
AI’s brave new world of technical debt
Source: InfoWorld