webforJ: AI-assisted, human-owned

As AI coding tools, assistants, and agents become increasingly powerful, professional engineers and casual vibe coders alike can go from concept to compilation faster than ever before. On top of that, meta-prompting systems like get-shit-done and Auto-Claude automate entire development workflows, so that the AI doesn't just write the code, but verifies it as well.
AI tools certainly accelerate output, and are very impressive at first glance. But what impact are they having on code quality? Can the open source ecosystem withstand the flood of AI-generated PRs? How can developers use AI without sacrificing understanding and quality?
Research into these questions is still emerging, but the current findings suggest that for anything that requires security, maintainability, and performance, it's best not to put too much trust in AI-written code.
This is why we've made a strategic choice at webforJ: AI-assisted development, but human-owned code.
The quantity
As you might expect, there is plenty of data tracking the impact of AI on software development. For instance, GitHub's annual Octoverse Report analyzes developer trends, providing insight into the use of AI on the platform. Their findings over the last couple years show massive growth in developer output, along with increased usage of AI as a development tool:
In 2025, every metric of developer productivity on GitHub broke new records:
- 25% increase in code pushes
- 20% increase in pull requests
- 11% increase in new issues
This increase in output comes alongside increased usage of AI. GitHub's analysis found:
- AI-related projects have almost doubled in less than two years
- Six of the 10 fastest-growing repos were related to AI infrastructure
- Almost 80% of new developers started using GitHub Copilot within their first week
These numbers compound on the growth already seen in 2024, when GitHub's report also showed significant growth in AI development:
- 98% increase in generative AI projects on GitHub
- 59% increase in contributions to these projects
Along with the increase in AI-related projects and developer output, the use of AI tools for development has become normalized through widespread adoption. According to over 49,000 responses to StackOverflow's 2025 Developer Survey, 78.5% of developers currently use AI tools, with another 5.3% planning to use them soon.
These trends reveal that AI tools are extremely popular, and that they're creating a tangible impact on code volume.
The quality
So what about the quality of all this code? Does the flood of commits stand up to scrutiny? These questions have been top of mind for many developers, and emerging research is starting to answer them.
StackOverflow's 2025 Developer survey found that positive sentiment toward AI tools dropped in 2025, falling to only 60% positive sentiment. Additionally, their results show only about 33% trust for the output of AI tools, with trust generally decreasing relative to developer experience.
CodeRabbit's State of AI vs. Human Code Generation Report, which analyzed 320 AI-co-authored PRs and 150 human-authored PRs, found that AI-written code generally had more issues:
- 1.7x more issues overall
- More high-issue outliers
- 1.4x more critical issues
- 1.7x more major issues
Specifically, they found that AI code often contains mistakes in logic and correctness, with increased occurrences of logic errors, misconfigurations, and poor error or exception handling.
StackOverflow's survey found that 66% of developers using AI tools had the problem of "AI solutions that are almost right, but not quite," and 45% agreed that "debugging AI-generated code is more time-consuming." Only 4% responded that they haven't encountered any problems when using AI tools.
In addition, the METR study Measuring the Impact of Early 2025 AI on Experienced Open-Source Developer Productivity found that experienced developers in large open source codebases took 19% longer to complete tasks with the help of AI tools than without.
Maintainability
GitClear analyzed over 200 million lines of code written between 2020 and 2024 in their AI Copilot Code Quality study. They found that in 2024, copy/pasted lines of code exceeded moved lines of code for the first time, indicating less refactoring and worse code reuse. From 2020 to 2024, they found that code reuse, as measured in moved lines, has decreased from 25% of all changes to less than 10% of all changes. In just one year from 2023 to 2024, the percentage of commits that contained duplicated blocks of code rose dramatically, from just 1.8% to 6.6%. Duplicated code blocks create technical debt and place undue burden on future developers, who have to find duplicated sections and determine whether they should all be updated, or if they serve different functions.
CodeRabbit's study found that AI-produced code often creates more technical debt when compared to human-written PRs, with increased issues of readability, formatting errors, inconsistent or unclear naming, and unused or redundant code. They found a 2.6x increase in formatting problems, and almost twice as many naming inconsistencies.
These issues make codebases more difficult to maintain, and increase the risk of future errors.
Security
CodeRabbit's study found a 2.74x increase in security issues in AI-written PRs. The most common issues were improper password handling, insecure object references, cross-site scripting issues (XSS), and insecure deserialization. These aren't AI-specific vulnerabilities, but the use of AI seems to increase their frequency.
Slopsquatting
In addition to increased prevalence of traditional vulnerabilities, AI also opens up new potential attack vectors that exploit the possibility of developers shipping un-reviewed code. Large Language Models sometimes "hallucinate" information, including dependencies and package names. Malicious actors can take advantage of common AI hallucinations by creating malicious packages under those names, tricking inattentive software developers into installing them without verifying their legitimacy. This practice is called slopsquatting, a combination of the words "AI Slop" and "typosquatting," an older technique of registering misspelled domain names.
The research paper We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs found that almost 20% of recommended packages across more than half a million code samples didn't exist. Many of the package names appeared every time the same prompt was given, making it easy for attackers to identify common hallucinations.
Performance
CodeRabbit's study found that AI-written PRs were more likely to create performance issues, with 7x more excessive I/O operations in the form of unnecessary file reads, repeated network calls, or unbatched operations. They suggest that this may be due to AI's preference for clarity and simple patterns at the cost of larger-scale efficiency.
AI upside
This isn't all to say that AI shouldn't be used as a coding tool. In fact, given the pace of improvement and adoption, it's crucial to learn how to use it safely and effectively. AI can improve both output and the developer's experience, provided that care is taken to avoid these common pitfalls.
webforJ's AI policy
AI coding assistants are dramatically changing the way that people create software, and the engineers at webforJ are no exception. We're excited to make use of these new tools and capabilities, but we're strongly committed to our policy of AI-assisted development, and human-owned code. We use AI in many parts of our development cycle, including generating boilerplate, writing tests, updating dependencies, drafting documentation, creating sample programs, and exploring architectural alternatives. But regardless of what the development process looks like, we only ship code that passes human review and quality assurance checks.
