🐦 Twitter Post Details

Viewing enriched Twitter post

@omarsar0

Is Vibe Coding Safe? There is finally research that goes deep into this question. Here is what the research found: AI coding agents can write functional code. But functional doesn't mean safe. The rise of "vibe coding," where developers hand off tasks to AI agents with minimal oversight, is accelerating. More autonomy, more speed, more productivity. The assumption: if it works, it's good enough. But working code and secure code are not the same thing. This new research introduces SUSVIBES, a benchmark of 200 real-world feature requests from open-source projects, specifically tasks that previously led to vulnerable implementations when assigned to human programmers. The results are striking! When SWE-Agent with Claude Sonnet 4 tackles these tasks, 61% of solutions are functionally correct. Only 10.5% are secure. That's a massive gap. Six out of ten agent solutions work. Roughly one in ten is safe for production. The researchers tested multiple frontier agents and found a consistent pattern: all agents perform poorly in terms of software security. This isn't a model-specific issue. It's systemic. Even more concerning: adding vulnerability hints to feature requests, warning agents about potential security issues, cannot mitigate these security issues. The countermeasures that seem obvious don't work for these agentic systems. As developers or organizations race to adopt AI coding agents for speed and efficiency, they may be trading security for velocity. πŸ”– (bookmark it) Paper: https://t.co/ExZEjWLAxD

Media 1
View on Twitter

πŸ“Š Media Metadata

{
  "media": [
    {
      "url": "https://crmoxkoizveukayfjuyo.supabase.co/storage/v1/object/public/media/posts/1996595107924263287/media_0.jpg?",
      "media_url": "https://crmoxkoizveukayfjuyo.supabase.co/storage/v1/object/public/media/posts/1996595107924263287/media_0.jpg?",
      "type": "photo",
      "filename": "media_0.jpg"
    }
  ],
  "processed_at": "2025-12-04T20:37:25.115715",
  "pipeline_version": "2.0"
}

πŸ”§ Raw API Response

{
  "type": "tweet",
  "id": "1996595107924263287",
  "url": "https://x.com/omarsar0/status/1996595107924263287",
  "twitterUrl": "https://twitter.com/omarsar0/status/1996595107924263287",
  "text": "Is Vibe Coding Safe?\n\nThere is finally research that goes deep into this question.\n\nHere is what the research found:\n\nAI coding agents can write functional code. But functional doesn't mean safe.\n\nThe rise of \"vibe coding,\" where developers hand off tasks to AI agents with minimal oversight, is accelerating. More autonomy, more speed, more productivity. The assumption: if it works, it's good enough.\n\nBut working code and secure code are not the same thing.\n\nThis new research introduces SUSVIBES, a benchmark of 200 real-world feature requests from open-source projects, specifically tasks that previously led to vulnerable implementations when assigned to human programmers.\n\nThe results are striking!\n\nWhen SWE-Agent with Claude Sonnet 4 tackles these tasks, 61% of solutions are functionally correct. Only 10.5% are secure.\n\nThat's a massive gap. Six out of ten agent solutions work. Roughly one in ten is safe for production.\n\nThe researchers tested multiple frontier agents and found a consistent pattern: all agents perform poorly in terms of software security. This isn't a model-specific issue. It's systemic.\n\nEven more concerning: adding vulnerability hints to feature requests, warning agents about potential security issues, cannot mitigate these security issues. The countermeasures that seem obvious don't work for these agentic systems.\n\nAs developers or organizations race to adopt AI coding agents for speed and efficiency, they may be trading security for velocity.\n\nπŸ”– (bookmark it)\n\nPaper: https://t.co/ExZEjWLAxD",
  "source": "Twitter for iPhone",
  "retweetCount": 29,
  "replyCount": 10,
  "likeCount": 113,
  "quoteCount": 4,
  "viewCount": 15703,
  "createdAt": "Thu Dec 04 14:59:03 +0000 2025",
  "lang": "en",
  "bookmarkCount": 100,
  "isReply": false,
  "inReplyToId": null,
  "conversationId": "1996595107924263287",
  "displayTextRange": [
    0,
    274
  ],
  "inReplyToUserId": null,
  "inReplyToUsername": null,
  "author": {
    "type": "user",
    "userName": "omarsar0",
    "url": "https://x.com/omarsar0",
    "twitterUrl": "https://twitter.com/omarsar0",
    "id": "3448284313",
    "name": "elvis",
    "isVerified": false,
    "isBlueVerified": true,
    "verifiedType": null,
    "profilePicture": "https://pbs.twimg.com/profile_images/939313677647282181/vZjFWtAn_normal.jpg",
    "coverPicture": "https://pbs.twimg.com/profile_banners/3448284313/1565974901",
    "description": "",
    "location": "DAIR.AI Academy",
    "followers": 277867,
    "following": 724,
    "status": "",
    "canDm": true,
    "canMediaTag": true,
    "createdAt": "Fri Sep 04 12:59:26 +0000 2015",
    "entities": {
      "description": {
        "urls": []
      },
      "url": {}
    },
    "fastFollowersCount": 0,
    "favouritesCount": 33719,
    "hasCustomTimelines": true,
    "isTranslator": true,
    "mediaCount": 4356,
    "statusesCount": 16656,
    "withheldInCountries": [],
    "affiliatesHighlightedLabel": {},
    "possiblySensitive": false,
    "pinnedTweetIds": [
      "1996595107924263287"
    ],
    "profile_bio": {
      "description": "Building agents @dair_ai β€’ Ex Meta AI, Elastic, PhD β€’ Sharing research & insights on AI Agents β€’ New cohort: https://t.co/tn8LKG5d20",
      "entities": {
        "description": {
          "urls": [
            {
              "display_url": "dair-ai.thinkific.com/courses/claude…",
              "expanded_url": "https://dair-ai.thinkific.com/courses/claude-code",
              "indices": [
                109,
                132
              ],
              "url": "https://t.co/tn8LKG5d20"
            }
          ],
          "user_mentions": [
            {
              "id_str": "0",
              "indices": [
                16,
                24
              ],
              "name": "",
              "screen_name": "dair_ai"
            }
          ]
        },
        "url": {
          "urls": [
            {
              "display_url": "dair-ai.thinkific.com",
              "expanded_url": "https://dair-ai.thinkific.com/",
              "indices": [
                0,
                23
              ],
              "url": "https://t.co/JBU5beHQNs"
            }
          ]
        }
      }
    },
    "isAutomated": false,
    "automatedBy": null
  },
  "extendedEntities": {
    "media": [
      {
        "display_url": "pic.twitter.com/rNrYfvpkNr",
        "expanded_url": "https://twitter.com/omarsar0/status/1996595107924263287/photo/1",
        "ext_media_availability": {
          "status": "Available"
        },
        "features": {
          "large": {
            "faces": [
              {
                "h": 70,
                "w": 70,
                "x": 15,
                "y": 942
              }
            ]
          },
          "orig": {
            "faces": [
              {
                "h": 70,
                "w": 70,
                "x": 15,
                "y": 942
              }
            ]
          }
        },
        "id_str": "1996595104170254337",
        "indices": [
          275,
          298
        ],
        "media_key": "3_1996595104170254337",
        "media_results": {
          "id": "QXBpTWVkaWFSZXN1bHRzOgwAAQoAARu1VKs4WiABCgACG7VUrBgbwXcAAA==",
          "result": {
            "__typename": "ApiMedia",
            "id": "QXBpTWVkaWE6DAABCgABG7VUqzhaIAEKAAIbtVSsGBvBdwAA",
            "media_key": "3_1996595104170254337"
          }
        },
        "media_url_https": "https://pbs.twimg.com/media/G7VUqzhaIAEgQe_.jpg",
        "original_info": {
          "focus_rects": [
            {
              "h": 825,
              "w": 1474,
              "x": 0,
              "y": 0
            },
            {
              "h": 1474,
              "w": 1474,
              "x": 0,
              "y": 0
            },
            {
              "h": 1680,
              "w": 1474,
              "x": 0,
              "y": 0
            },
            {
              "h": 1798,
              "w": 899,
              "x": 45,
              "y": 0
            },
            {
              "h": 1798,
              "w": 1474,
              "x": 0,
              "y": 0
            }
          ],
          "height": 1798,
          "width": 1474
        },
        "sizes": {
          "large": {
            "h": 1798,
            "w": 1474
          }
        },
        "type": "photo",
        "url": "https://t.co/rNrYfvpkNr"
      }
    ]
  },
  "card": null,
  "place": {},
  "entities": {
    "urls": [
      {
        "display_url": "arxiv.org/abs/2512.03262",
        "expanded_url": "https://arxiv.org/abs/2512.03262",
        "indices": [
          1513,
          1536
        ],
        "url": "https://t.co/ExZEjWLAxD"
      }
    ]
  },
  "quoted_tweet": null,
  "retweeted_tweet": null,
  "isLimitedReply": false,
  "article": null
}