Now that AI has become the main tool used by developers to write code, even in open source environments, it will be how feds will slip in backdoors to applications because nobody is going to review the logic of 20000 lines written by AI in a single commit.
Unless projects completely ban use of AI and only allow small commits, this is going to be inevitable. I’ve been seeing so many applications merging AI slop to their code on github already.


Are we talking about LLMs being intentionally built to introduce backdoors despite the LLM user intentions or are we talking about attackers using LLMs to write their backdoors?
The first seems less likely. The second wouldn’t really be blamed on the LLM, at least not in a way that leads to the LLM being shunned by people that otherwise support the use of LLMs.
If we are talking about LLMs introducing backdoors despite the intentions of the LLM user, that might be targeted to specific projects.
I assumed OP meant LLMs inserting backdoors without the dev intending it. Intentional backdoors would not be a new problem