This turns the vicious cycle of AI slop → more AI slop to a virtuous one where the AI agent helps you move faster and compound productivity gains.
Solution?
- Adopt better development practices in the code base that help AI build on top of a good foundation.
- Invest in tools *around* your AI agent. Test suite that can run locally. Typechecking/code formatting/linting tools.
- Invest in code observability: coverage, complexity.
Most orgs are stuck in this vicious cycle: bad code + unchecked AI → worse code produced by AI.
Lack of a "clean" engineering environment – good code coverage (and the ability to track code coverage), good coding patterns, low-complexity modules – accelerates codebase entropy, degrading future AI performance on tasks.
Research from Stanford University suggests that AI adoption decreases code quality. The study is ongoing and contains historical git data from 600+ organizations and 120K+ engineers. Shocking? Erm... not really.
I'm looking for account executives to expand our sales team. Preferably in-person in SF, or remote within the Bay Area.
Come help us accelerate the adoption of our hybrid code security agents + Autofix™ AI.
Original post: codemanship.wordpress.com/2025/09/30/...
Love the term "comprehension debt".
In AI-agent-first development, most of the new code doesn't exist as a mental model in anyone's head.
Good for moving fast. Bad for actually putting the code in production and maintaining it.
Major part of why we're building Autofix Bot.
This quote is quite telling, but I'm not sure the situation is that grim. I do believe most companies are building valuable stuff with AI and do have enough differentiation.
But if the user thinks you're just re-skinning ChatGPT, it might be time to re-think that UX.
I suspect a key reason for this could be that most companies are still retrofitting ChatGPT's chat box into an established product UX, with very few people doing 0→1 innovation.
If your product reminds the user of ChatGPT, they'll invariably think ChatGPT can do a better job.
Interesting UX problem that looms over vertical AI tools:
ChatGPT is more free-form and gives the user greater control, and users think that works better than purpose-built tools.
The snake is eating its own tail.
DeepSource Agents in Times Square last week.
Ship code fearlessly.
DeepSource Agents are available to all teams on DeepSource Cloud starting today on the free plan, with limits. Over the next few weeks, we will roll this out to our enterprise customers. We have an exciting roadmap, and we can't wait to see how this helps developers ship!
Finally, we've given the agents long-term memory. So you can teach them important facts and context about your code and your organization.
3. False Positive Triage Agent: It removes noise from code security alerts. It reasons about every security issue with the code's context and suppresses it if it's not relevant.
2. CVE Prioritization Agent: It uncovers critical vulnerabilities in your 3rd-party dependencies by automatically triaging new CVEs introduced in your dependency chain.
We're starting with releasing three agents today.
1. Autofix™ Autopilot Agent: It autonomously fixes new security vulnerabilities in your code. It can create PRs with security patches for your first-party code and third-party dependency upgrades.
For example, if the agent sees a new potential SQL injection issue, it can reason about it using the code's AST, spanning across multiple files, and even third-party dependencies.
If it determines that the issue is high-priority, it patches it and opens a PR. All on its own.
Enter DeepSource Agents.
Our agents observe every line of code added to your codebase. Using static analysis and built on top of our DevSecOps platform, the agents reason about every observation and autonomously take actions, like creating PRs.
deepsource.com/agents
We built AI agents for code security and gave them full autonomy.
Today, I'm excited to announce DeepSource Agents – autonomous AI agents, purpose-built for securing your code on autopilot.
You (and your AI) are writing 10x code, 10x faster. You need code security that scales.
I love these notes from our users more than the added revenue. ❤️
DeepSource has 5,000+ code checkers across 20+ programming languages and configuration technologies, and we've made it easy for you to explore them all.
Meet the new DeepSource Directory ✨ ✨
"DeepSource isn't just a tool for us; it's a catalyst for cultural change in how we approach code quality."
Full story from the customer coming soon!
Later this week, we're shipping some more updates – including an AI agent that helps you make upgrade decisions on dependencies easily, automated remediation for Poetry (Python), and Dynamic Risk Scores for CVEs.
Exciting week ahead! ✨✨✨
• Third-party dependency scanning for 11+ programming languages, out-of-the-box, with zero CI setup.
• Reachability analysis with call paths and contextual code snippets for Python and JavaScript.
• Multi-variate automated remediation for pip, npm, pnpm, and yarn.
Just sent out the latest batch of DeepSource SCA Early Access invites.
Here's what our customers will be able to use right away – that most of the existing tools still don't have: