Dom Williams Highlights Security Challenges in AI “Vibe Coding”

Rohan Paul, an AI engineer and entrepreneur, recently shared research showing that while AI agents can produce working code through “vibe coding,” the majority of that code is insecure. According to a new Carnegie Mellon paper, agents complete 61% of coding tasks correctly under the strongest setups, yet only 10.5% of these outputs pass security tests.

Vibe coding, as defined in the study, involves a human giving natural language instructions to an AI, which then edits or generates code with minimal oversight. The research team created SUSVIBES, a set of 200 real-world tasks drawn from projects with previous security fixes, and tested several popular AI coding agents. The results suggest that while agents often produce functional solutions, around 80% of those passing functionality checks still contain security vulnerabilities. Common problems include timing leaks in password handling (comparisons whose running time depends on how much of the secret matched) and redirects built from unvalidated input that could let an attacker inject or alter response headers. Even giving the AI guidance on the specific weakness class involved failed to substantially improve security.
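The two flaw classes named above are easy to recognise once shown side by side. The following is an added example in Python, not code from the SUSVIBES paper, from any agent output it evaluated, or from any ICP or Caffeine project: each flaw appears first in the shape an agent tends to emit and then in a hardened form. The function names, the PBKDF2 round count and the allow-list parameter are this example's own assumptions.

```python
"""Vulnerable-then-hardened versions of two flaw classes: a timing leak in
password verification and a redirect built from user input.

Added example; not from the paper, an agent, or any ICP/Caffeine code.
"""
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# ---- 1. Timing leak in password handling ---------------------------------

def verify_password_leaky(stored_password: str, supplied: str) -> bool:
    """Typical agent output: plaintext storage plus ``==``.

    ``==`` stops at the first mismatching character, so response time grows
    with the length of the correct prefix: a timing oracle on the secret.
    """
    return stored_password == supplied


PBKDF2_ROUNDS = 600_000  # assumed value; OWASP's figure for PBKDF2-HMAC-SHA256


def hash_password(password: str, salt: bytes = b"") -> str:
    """Salted PBKDF2 hash stored as ``<salt hex>$<derived key hex>``."""
    salt = salt or secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return f"{salt.hex()}${dk.hex()}"


def verify_password(stored_hash: str, supplied: str) -> bool:
    """Recompute the derived key and compare it in constant time."""
    salt_hex, dk_hex = stored_hash.split("$", 1)
    dk = hashlib.pbkdf2_hmac("sha256", supplied.encode("utf-8"),
                             bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    # compare_digest's running time does not depend on where the inputs differ.
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


# ---- 2. Redirect built from user input ------------------------------------

def redirect_response_unsafe(target: str) -> bytes:
    """Raw interpolation of a ``?next=`` value into the Location header.

    CR/LF in ``target`` ends the header line and lets the caller append
    headers of their own; an absolute or scheme-relative URL sends the user
    to a site the attacker controls (open redirect).
    """
    return f"HTTP/1.1 302 Found\r\nLocation: {target}\r\n\r\n".encode()


class UnsafeRedirect(ValueError):
    pass


def safe_redirect_target(target: str, allowed_hosts=frozenset()) -> str:
    """Return ``target`` only if it is a site-local path or an https URL to
    an allow-listed host; otherwise raise UnsafeRedirect.

    Character checks run on the raw string *before* urlsplit, because
    urlsplit silently strips tab/CR/LF and leading control characters.
    """
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        raise UnsafeRedirect("control character in redirect target")
    if "\\" in target:
        # Browsers treat "\" as "/" in http(s) URLs, so "/\evil" is "//evil"
        # to a browser even though urlsplit sees a plain path.
        raise UnsafeRedirect("backslash in redirect target")
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        if parts.scheme != "https" or parts.hostname not in allowed_hosts:
            raise UnsafeRedirect(f"external redirect to {target!r} not allowed")
        return target
    # No scheme, no netloc: require exactly one leading slash. "///evil"
    # parses with an empty netloc here but resolves to http://evil/ in a
    # browser, so a double slash is rejected explicitly.
    if not target.startswith("/") or target.startswith("//"):
        raise UnsafeRedirect(f"{target!r} is not a local path")
    return target


def is_safe_redirect_target(target: str, allowed_hosts=frozenset()) -> bool:
    try:
        safe_redirect_target(target, allowed_hosts)
        return True
    except UnsafeRedirect:
        return False


def redirect_response(target: str, allowed_hosts=frozenset()) -> bytes:
    """Hardened counterpart of redirect_response_unsafe."""
    location = safe_redirect_target(target, allowed_hosts)
    return f"HTTP/1.1 302 Found\r\nLocation: {location}\r\n\r\n".encode()
```

Two design points worth noting: the redirect validator rejects on the raw input before any URL parsing, because the parser would otherwise normalise away exactly the characters the attack depends on; and the password check separates the two defects the leaky version has (plaintext storage and a short-circuiting comparison), since fixing only the comparison still leaves a plaintext credential store.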

Dominic Williams, founder of the Internet Computer Protocol (ICP), commented on the findings in a discussion thread, noting that while traditional tech stacks see similar patterns of insecure outputs, ICP’s tamperproof infrastructure offers an added layer of protection. “While tamperproof onchain software eliminates traditional cyber attacks, it does not remove logical errors,” Dom said. He highlighted that AI could, for instance, upgrade a blog in a way that accidentally gives every visitor administrative access.

Caffeine AI, the self-writing app platform built on ICP, is working to address these risks. Dom explained that the system relies on an ensemble of AI models performing specialised roles, with ongoing efforts to refine these models for maximum accuracy. Security can also be improved through expanded data definition languages, which clearly define access controls for data and functions. While logical vulnerabilities still require careful review, building on tamperproof code removes many traditional attack vectors at the platform layer, such as malware hiding in platform updates or misconfigured components. The flaws the study measured, such as timing leaks and unsafe redirects, sit in the application code itself, which is the category Dom noted the platform does not remove.

[Image: Pierre Samaties, Chief Business Officer at DFINITY]

Pierre Samaties, Chief Business Officer at DFINITY, also responded to Dom’s post, noting that the high insecurity rate of AI-generated software stems from Web2 infrastructure rather than the AI itself. “The fix isn’t better prompts. It’s a safer execution environment,” he said. He added that Caffeine AI on ICP deploys apps into secure, tamper-proof canisters, removing entire classes of vulnerabilities. “AI can finally build software safely when the platform itself is secure-by-design. ICP was built for exactly this moment.”

Discussion participants noted the potential for self-writing apps to enable non-technical creators to deploy functional, secure applications without relying on conventional tech teams. Dom emphasised that ICP remains unique in allowing AI models to run directly onchain, storing data and executing operations in ways no other blockchain currently supports. While large language models still require some offchain processing, Caffeine’s hybrid approach combines the benefits of onchain security with high-performance AI coding capabilities.

Responding to questions about broader adoption, Dom clarified that modern apps include reactive websites installable on phones and desktops, capable of social media, games, e-commerce, enterprise services, and SaaS functionality. This positions ICP and Caffeine AI as tools for creators seeking both immediacy and resilience in app deployment, rather than limiting the platform to traditional banking or enterprise-only use cases.

The conversation around vibe coding highlights the tension between speed and security in AI-assisted development. Dom and Pierre’s perspectives underscore the importance of infrastructure that guarantees immutability and safety, even as AI models generate the logic that powers the apps themselves.
