The AI risk library

Technical & coding: 10 ways AI gets it wrong

Code that doesn't run, hardcoded secrets and missed vulnerabilities. Each failure mode below is phrased as the question people actually ask, with what it looks like in real work — and the layer of the Trust Stack that catches it.

Agreement alone is not proof

Does AI write code that doesn't even run?

A snippet fails immediately with a syntax or import error.

Caught by the Independent Auditor

Why does AI write code that runs but is wrong?

The program executes cleanly but produces the wrong result.

Caught by the Independent Auditor

Can AI use outdated libraries?

The code depends on a library version that's no longer maintained.

Caught by the Risk Reviewer

Does AI use deprecated APIs?

A call relies on an API method that has already been removed.

Caught by the Independent Auditor

Why does AI miss security vulnerabilities in code?

A snippet ships an injection flaw the model never flagged.

Caught by the Risk Reviewer

Can AI hardcode secrets into code?

An API key is pasted directly into the source instead of a secret store.

Caught by the Risk Reviewer

Does AI mishandle authentication?

A login flow can be bypassed because auth is checked in the wrong place.

Caught by the Risk Reviewer

Why does AI mishandle permissions?

A user can reach data they should never have access to.

Caught by the Risk Reviewer

Can AI build fragile workflows that break easily?

A pipeline collapses the moment any input differs from the happy path.

Caught by the Risk Reviewer

Does AI fail to handle errors in code?

A failure crashes the whole process instead of being caught and handled.

Caught by the Risk Reviewer

One model can’t reliably catch its own mistakes. A council of independent minds can.
