Isn't the development approach part of the reason that this exploit occurred? The creator openly admitted that they weren't properly reviewing code when describing the project previously. With no engineers who have domain knowledge of the app (because the developers are AI) that leaves a wide gap for exploits to appear.
I feel like just filtering this comment out is a mistake. I use AI, and I think there is a place for it, but if a colleague said "Here's a PR, I didn't even review it" I'd send it back and say "Well you better review it!"
How AI is used is 100% a topic for debate, ranging from "All AI is bad" to "there will be no coding, just vibes". You agree with this, right? That there are a range of developers who believe different things all along this spectrum, and that for some developers unreviewed code is the CAUSE of bad code.