Luke Hinds, CTO of Stacklok and creator of Sigstore, speaks with SE Radio’s Brijesh Ammanath about the privacy and security concerns of using AI coding agents. They discuss how the increased use of AI coding assistants has improved programmer productivity but has also introduced certain key risks. In the area of secrets management, for example, there is the risk of secrets being passed to LLMs. Coding assistants can also introduce dependency-management risks that can be exploited by malicious actors. Luke recommends several tools and behaviors that programmers can adopt to ensure that secrets do not get leaked.
Show Notes
Related Episodes
- SE Radio Episode 533: Eddie Aftandilian on Github Copilot
- SE Radio Episode 633: Itamar Friedman on Automated Testing with Generative AI
- SE Radio Episode 606: Charlie Jones on Third-Party Software Supply Chain Risks
- SE Radio Episode 603: Rishi Singh on Using GenAI for Test Code Generation
- SE Radio Episode 535: Dan Lorenc on Supply ChainAttacks
- SE Radio Episode 666: Eran Yahav on the Tabnine AI Coding Assistant
