
Fast Code, Real Risks: Guardrails for AI-Generated Software - DevOps.com
By: Mike Vizard on June 30, 2025
Yonatan Arbel, developer advocate in the Office of the CTO at JFrog, dives into the potential risks and rewards of relying on artificial intelligence (AI) agents to build and deploy software.
Yes, more code is shipping faster than ever, Arbel admits, but volume alone isn’t a win—each hastily synthesized line must still survive build servers, security scanners and production reality. “Not everything in life comes for free,” he says, framing AI acceleration as an IOU that must eventually be paid down with careful review.
To drive the point home, Arbel shares a personal misadventure. While traveling, he used a “vibe-coding” platform to whip together a receipt-tracking app. The tool auto-generated an impressive login flow and slick UI, so he proudly shared the URL with friends—only to discover their receipts mixed with his the next morning. A quick code dive revealed an AI-written SQL query that fetched every user’s data instead of scoping to the current account, proving how easily privacy can be breached when humans skip the boring inspection step.
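The bug class in that anecdote, as an added example that is not code from Arbel's app or the platform he used: an unscoped query beside its scoped form, plus a two-account check that can run as a quality gate. The `receipts` schema, function names and sample rows are assumptions constructed for illustration.

```python
import sqlite3

COLS = "id, user_id, merchant, total_cents"


def make_db():
    """In-memory store with constructed sample receipts for two accounts."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE receipts (id INTEGER PRIMARY KEY, "
        "user_id INTEGER NOT NULL, merchant TEXT, total_cents INTEGER)"
    )
    db.executemany(
        "INSERT INTO receipts (user_id, merchant, total_cents) VALUES (?, ?, ?)",
        [(1, "Cafe A", 450), (1, "Taxi B", 1800), (2, "Hotel C", 12900)],
    )
    return db


def list_receipts_unscoped(db, session_user_id):
    # Flawed form: the caller is logged in, but the query never asks who they are.
    return db.execute(f"SELECT {COLS} FROM receipts ORDER BY id").fetchall()


def list_receipts_scoped(db, session_user_id):
    # Fixed form: filter on the id taken from the server-side session,
    # bound as a parameter rather than formatted into the SQL string.
    return db.execute(
        f"SELECT {COLS} FROM receipts WHERE user_id = ? ORDER BY id",
        (session_user_id,),
    ).fetchall()


def users_seeing_foreign_rows(query_fn, db, user_ids):
    """Isolation check: ids of users whose result set contains rows owned by
    someone else. An empty list means the query is scoped correctly."""
    return [
        uid for uid in user_ids
        if any(row[1] != uid for row in query_fn(db, uid))
    ]


if __name__ == "__main__":
    db = make_db()
    print("unscoped leaks for:", users_seeing_foreign_rows(list_receipts_unscoped, db, [1, 2]))
    print("scoped leaks for:", users_seeing_foreign_rows(list_receipts_scoped, db, [1, 2]))
```

A login flow does not help here: both functions run only for authenticated users, and only the second one enforces ownership of the rows it returns.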
From there, the conversation turns to guardrails. Developers are becoming “pilots with copilots,” Arbel notes, spending more time instructing chat windows than writing functions. That shift demands automated policy checks, dependency vetting and runtime governance so velocity doesn’t eclipse trustworthiness. DevOps teams must embed quality gates early and often, treating AI-generated packages and prompts just like any other third-party code subject to organizational rules.
Arbel’s advice is pragmatic: Start small, review everything, and remember that speed without oversight is just a fast track to technical—and financial—pain. Used thoughtfully, AI can compress months of work into days, but only if teams stay vigilant, enforce context-aware policies and let security evolve in lockstep with the bots.

