For much of the past six months, the rise of A.I. coding agents has been told as a story of breakthrough. Tools like Claude Code and rival systems from OpenAI and others grew markedly more capable, crossing a threshold from novelty to routine use for many programmers. At developer gatherings, the mood has often been closer to evangelism than caution.
Now, a backlash is taking shape.
What began as excitement over software that could draft features, fix bugs and even open pull requests on its own is turning into a more sober argument over quality, accountability and who bears the cost when these systems fail. Prominent programmers are warning that the problem is no longer whether coding agents can produce code. It is whether anyone can trust, maintain or safely govern what they produce at scale.
In recent weeks, that concern has spread beyond chat-room grumbling into a broader debate across the software world, from high-profile critics to overburdened open-source maintainers.
From impressive demos to hidden liabilities
The backlash is emerging at an awkward moment for A.I. companies, because it follows real technical progress.
Developers who spent late 2025 testing the newest generation of models widely described that period as an inflection point. Coding agents got better not just at spitting out snippets, but at working through tasks in sequence, editing files, running tests and completing enough of the job that some programmers began using them every day. Anthropic, in particular, has leaned into that shift, presenting Claude Code as a glimpse of software development’s future.
That progress has changed the terms of the debate. Earlier skepticism focused on whether the systems were too error-prone to be useful at all. Now critics say the danger is subtler: the tools are useful enough to be adopted widely, but unreliable enough to create a new class of defects that are harder to catch.
George Hotz, the well-known programmer and entrepreneur, recently described coding agents as potentially “one of the most costly mistakes” in software development. After months of testing, he argued that large language models are effective for prototypes and quick starts, but often break down in the details, producing bugs that look plausible and therefore evade notice longer.
That concern resonates with many experienced engineers because modern software failures are often expensive not when code is obviously broken, but when it is almost right. A system that sounds confident, passes a few superficial checks and introduces subtle problems can be more damaging than one that simply crashes.
Simon Willison, an independent developer and influential commentator on A.I. tools, has been among those arguing that the risk is not only insecure or incorrect code, but systems that consume human attention while projecting competence. In one recent post, he highlighted a joke about an obedient-seeming A.I. assistant that acknowledges a safety instruction only after the ship has already suffered catastrophic damage — a concise expression of a deeper worry: prudence advertised is not the same thing as prudence executed.
The burden falls on humans
The sharpest complaints are coming from the people who have to clean up after the tools.
In open source, where a relatively small number of maintainers often review code and security reports for projects used by millions, A.I. has made it much cheaper to generate submissions than to validate them. That imbalance is becoming harder to ignore.
The maintainers of curl, one of the internet’s core data-transfer tools, recently ended the project’s bug bounty program after being flooded with low-quality, A.I.-generated vulnerability reports. Linux kernel maintainers have also updated security-reporting guidance amid a rise in automated reports, reflecting a growing frustration with submissions that are voluminous but difficult to verify.
The issue is not that every A.I.-assisted report is worthless. Some point to real issues. But maintainers say that a report without clear reproduction steps, technical accountability and a human who can answer follow-up questions still imposes a cost. The software may be cheap for the sender to generate; the review is not cheap for the recipient.
That dynamic is helping crystallize the central criticism of coding agents: they do not eliminate labor so much as redistribute it. Users save time drafting code, filing issues or proposing fixes. Reviewers, maintainers and security teams inherit the burden of checking whether any of it is sound.
In practical terms, the economics can be punishing. A maintainer who once received a manageable stream of bug reports now faces a torrent of polished but dubious submissions. An engineering team that once reviewed code written by colleagues with shared context must now inspect machine-generated changes whose apparent completeness may mask shallow understanding. The bottleneck has moved from generation to verification.
A maintenance problem, not just a coding problem
That matters because software is not valuable only when it is written. It is valuable when it can be maintained.
A growing body of research and industry observation suggests that this is where the A.I. coding boom may run into harder limits. Recent empirical work has found that human developers still perform the overwhelming share of maintenance on agent-generated code. Some studies have also suggested that files initially written by A.I. receive relatively limited follow-up changes, raising questions about whether developers are avoiding them, rewriting them, or simply letting opaque code sit in place until it becomes a problem.
Those findings do not prove that A.I.-written code is inherently worse. But they reinforce a widespread suspicion among engineers that productivity gains measured at the moment of code generation may conceal costs that surface later, during debugging, extension and incident response.
That distinction has long mattered in professional software development. A quick prototype can be valuable even if it is messy. Production software, by contrast, must be legible to other humans, resilient under unexpected conditions and fixable by people who did not write it. Critics of coding agents increasingly argue that the tools are optimized for the first category while being sold as if they solve the second.
Anthropic itself has acknowledged that some quality failures tied to Claude Code have come not only from the underlying model, but from bugs and shortcomings in the surrounding tool layer — a reminder that “agent” behavior depends on the whole system, including prompts, permissions, file access, test harnesses and execution logic. In other words, even if the model improves, the operational risks do not disappear.
Why the debate is intensifying now
The timing is not accidental. Backlash has sharpened precisely because the tools have become good enough to matter.
Until recently, many developers could dismiss coding agents as toys, useful for boilerplate but too flaky for serious work. As the systems improved, companies began integrating them more deeply into real workflows, and developers began relying on them for tasks once reserved for junior engineers or trusted collaborators. That widened the exposure. More generated code entered repositories. More A.I.-assisted bug reports reached maintainers. More organizations discovered that speed at the front end can mean congestion at the back end.
The cultural mood has shifted with it. Earlier enthusiasm around “vibe coding” — rapidly building projects with heavy A.I. assistance — captured the feeling of abundance created by these tools. But even some early enthusiasts have since described a kind of overexuberance, acknowledging that many such projects were half-baked, insecure or not worth maintaining.
What is left now is a more grounded dispute over governance. Can teams put enough testing, review discipline and submission rules around coding agents to make them net positive? Or does the cheapness of machine-generated output inevitably swamp the scarce human capacity needed to verify it?
Open-source communities are already experimenting with stricter norms: demanding reproducible reports, narrowing intake channels and placing more responsibility on submitters. Some projects may move further in that direction, becoming less open, not more, as a defense against automated noise.
The question beneath the backlash
For all the argument, the current moment is not a simple rejection of A.I. coding tools. Many of their critics use them. Many maintainers who resent A.I.-generated slop also acknowledge that the systems can be genuinely helpful when deployed carefully.
The conflict is over the terms of adoption.
If coding agents are to become a durable part of software development, the industry will need answers to questions it has not fully solved: Who signs their work? Who reproduces their bugs? Who is accountable when plausible code fails in production? And who pays for the review labor needed to separate a real contribution from synthetic noise?
Those questions are becoming harder to avoid because the technology has advanced beyond the demo stage. The coding agents can now do enough to save time. They can also do enough damage to waste it.
That, more than the spectacle of an A.I. writing software on command, is what is now driving the argument. In software, the hardest part is often not creating code. It is living with it.
Sources
Further reading and reporting used to add context:
- https://www.notebookcheck.net/Linux-developers-overwhelmed-by-AI-generated-bug-reports.1299305.0.html
- https://technologyreview.es/article/el-code-with-claude-de-anthropic-mostro-el-futuro-de-la-programacion-te-guste-o-no
- https://www.techradar.com/pro/claude-cannot-be-trusted-to-perform-complex-engineering-tasks-amd-ai-head-slams-anthropics-coding-tool-after-months-of-frustration
- https://sciencesprings.wordpress.com/2026/05/22/from-the-mit-technology-review-anthropics-code-with-claude-showed-off-codings-future-whether-you-like-it-or-not/
- https://thenewstack.io/ai-slop-open-source/
- https://machineherald.io/article/2026-02/22-ai-generated-slop-is-overwhelming-open-source-projects-forcing-emergency-countermeasures
- https://techcrunch.com/2026/05/13/anthropics-cat-wu-says-that-in-the-future-ai-will-anticipate-your-needs-before-you-know-what-they-are/
- https://www.infoq.com/news/2026/02/ai-floods-close-projects/
- https://arstechnica.com/security/2026/01/overrun-with-ai-slop-curl-scraps-bug-bounties-to-ensure-intact-mental-health/
- https://simonwillison.net/
- https://leaddev.com/software-quality/ai-generated-abandonware-is-hollowing-out-open-source
- https://www.theregister.com/software/2026/04/06/ai-slop-got-better-so-now-maintainers-have-more-work/5223172
- https://www.itpro.com/software/open-source/big-tech-is-clamping-down-on-open-source-ai-slop-reports
- https://www.pcgamer.com/software/platforms/open-source-game-engine-godot-is-drowning-in-ai-slop-code-contributions-i-dont-know-how-long-we-can-keep-it-up/
- https://www.tomshardware.com/software/linux/linus-torvalds-says-ai-bug-reports-have-made-the-linux-security-mailing-list-almost-entirely-unmanageable
- https://www.axios.com/2026/03/06/anthropic-mozilla-claude-opus-bug-hunting
- https://www.tomshardware.com/software/linux/linux-may-be-ending-support-for-older-network-drivers-due-to-influx-of-false-ai-generated-bug-reports-maintenance-has-become-too-burdensome-for-old-largely-unused-systems
- https://www.reddit.com/r/myaibusiness/comments/1tljnxi/anthropics_code_with_claude_showed_off_codings/
- https://arxiv.org/abs/2604.26118
- https://arxiv.org/abs/2605.06464
- https://arxiv.org/abs/2605.25438
- https://lkml.org/lkml/2026/4/5/143
- https://lkml.org/lkml/2025/5/29/371
- https://daniel.haxx.se/blog/2026/01/26/the-end-of-the-curl-bug-bounty/
- https://daniel.haxx.se/blog/2026/01/
- https://lkml.org/lkml/2026/1/27/1024
- https://nvd.nist.gov/general/nvd-dashboard?id=5906955%3Futm_source%3Dtestdevjobs
- https://nvd.nist.gov/general/nvd-dashboard?%3F%3F%3F%3Futm_source=%28SOCIAL_NETWORK%29&%3F%3Futm_campaign=Oktopost-Employee+Spotlight%3A+Inside+Tanium
- https://nvd.nist.gov/vuln/detail/CVE-2026-3788
- https://lists.openwall.net/netdev/2026/02/23/8
- https://lkml.org/lkml/2022/10/13/750
- https://daniel.haxx.se/blog/2026/02/25/
- https://nvd.nist.gov/vuln/detail/CVE-2026-26267
- https://daniel.haxx.se/media/FOSDEM%202026%20OSS%20security%20in%20spite%20of%20AI.pdf
- https://the-decoder.com/george-hotz-says-coding-agents-will-be-one-of-the-most-costly-mistakes-in-software-development/
- https://the-decoder.com/anthropics-leaked-ai-coding-tool-has-been-cloned-over-8000-times-on-github-despite-mass-takedowns/
- https://the-decoder.com/frontier-radar-1-from-chatbots-to-problem-solvers-the-state-of-ai-agents-in-2026/
- https://the-decoder.com/ai-benchmarks-are-broken-and-the-industry-keeps-using-them-anyway-study-finds/
- https://the-decoder.com/openai-ceo-altman-admits-he-broke-his-own-ai-security-rule-after-just-two-hours-says-were-all-going-yolo/
- https://the-decoder.com/andrej-karpathy-says-humans-are-now-the-bottleneck-in-ai-research-with-easy-to-measure-results/
- https://the-decoder.com/google-engineer-says-claude-code-built-in-one-hour-what-her-team-spent-a-year-on/
- https://the-decoder.com/ai-agents-are-thriving-in-software-development-but-barely-exist-anywhere-else-anthropic-study-finds/
- https://the-decoder.com/nvidia-ceo-jensen-huang-the-idea-that-ai-will-destroy-software-is-ridiculous/
- https://the-decoder.com/new-benchmark-shows-claude-mythos-and-gpt-5-5-can-develop-real-browser-exploits-autonomously/
- https://the-decoder.com/from-gpt-2-to-claude-mythos-the-return-of-ai-models-deemed-too-dangerous-to-release/
- https://the-decoder.com/zhipu-ais-glm-5-1-can-rethink-its-own-coding-strategy-across-hundreds-of-iterations/
- https://the-decoder.com/wp-content/uploads/2024/08/whistleblower-sb1047-letter.pdf
- https://files.technologyreview.com/magazine-archive/2007/MIT-Technology-Review-2007-09-sample.pdf
- https://the-decoder.com/wp-content/uploads/2025/07/IMO_2025_GDM-Proofs.pdf
- https://static.simonwillison.net/static/cors-allow/2025/rimu_kakapo_breeding_brief.pdf
- https://the-decoder.com/wp-content/uploads/2024/08/anthropic-sb1047-letter.pdf
- https://files.technologyreview.com/magazine-archive/2009/MIT-Technology-Review-2009-07-sample.pdf
- https://simonwillison.net/2026/Apr/24/recent-claude-code-quality-reports/
- https://simonwillison.net/2026/May/
- https://simonwillison.net/2026/Apr/15/kyle-kingsbury/
- https://simonwillison.net/tags/llms/
- https://simonwillison.net/2026/May/6/vibe-coding-and-agentic-engineering/
- https://simonwillison.net/entries/
- https://simonwillison.net/2026/May/6/code-w-claude-2026/
- https://simonwillison.net/2026/Apr/2/lennys-podcast/
- https://feeds.simonwillison.net/tags/ai-misuse/
- https://simonwillison.net/tags/ai/
- https://simonwillison.net/tags/exfiltration-attacks/
- https://simonwillison.net/tags/generative-ai/
- https://static.simonwillison.net/static/2025/til_database_join_diagram.pdf
- https://static.simonwillison.net/static/2024/chrome-headless-page.pdf
- El Code with Claude de Anthropic mostró el futuro de la programación, te guste o no | MIT Technology Review en español
- The end of the curl bug-bounty | daniel.haxx.se
- AI-generated abandonware is hollowing out open source – LeadDev
- Simon Willison on ai-misuse
- Vibe coding and agentic engineering are getting closer than I’d like
- To What Extent Does Agent-generated Code Require Maintenance? An Empirical Study
- An update on recent Claude Code quality reports
- 25 | February | 2026 | daniel.haxx.se
Leave a Reply