Thoughts on AI code safety, security research, product updates, and engineering best practices from the Jumbi team.
AI coding assistants accelerate development, but the code they generate carries unique risks. We analyzed 10,000 AI-generated codebases to find the most common vulnerabilities.
Today we are launching Jumbi - a purpose-built platform for assessing the risks of AI-generated code. Here is why we built it and how it works.
Static analysis tools were designed for human-written code patterns. AI-generated code introduces hallucinated APIs, phantom imports, and other patterns these tools cannot detect.
From hardcoded secrets to eval() in user input handlers - here are the five most dangerous patterns we see in vibe-coded projects, and how to fix them.
A deep dive into our weighted scoring algorithm across four dimensions: Security (35%), Code Quality (25%), Dependencies (20%), and Test Coverage (20%).
Learn how to integrate Jumbi into your GitHub Actions workflow to automatically block pull requests that exceed your team's risk threshold.