{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihlvv2v4ak4ghvukv2pdxktnjjtviz7capl56zxfixltageanaq6u",
    "uri": "at://did:plc:gapzbf5nl5wxaqkqoecaeawh/app.bsky.feed.post/3mgyiggy6iet2"
  },
  "path": "/the-risk-profile-of-ai-driven-development/",
  "publishedAt": "2026-03-13T11:39:01.000Z",
  "site": "https://devops.com",
  "tags": [
    "AI",
    "Blogs",
    "Business of DevOps",
    "Contributed Content",
    "Social - Facebook",
    "Social - LinkedIn",
    "Social - X",
    "AI-generated code",
    "AIBOM",
    "autonomous development",
    "autonomous security",
    "challenge bottleneck",
    "CI CD gating",
    "cloud-native security",
    "Dependency Management",
    "GRC engineering",
    "hallucinations",
    "IDE controls",
    "license compliance",
    "machine speed enforcement",
    "OpenSSF Gemara",
    "Outdated Dependencies",
    "policy based dependency selection",
    "prompt level governance",
    "review bottleneck",
    "runtime transparency",
    "SBoM",
    "secure by default",
    "shift left security",
    "Software Supply Chain",
    "threat modeling",
    "transitive dependencies",
    "trusted registries",
    "typosquatting"
  ],
  "textContent": "Analysis arguing that AI-driven code generation accelerates dependency decisions and expands supply-chain risk, requiring shift-left governance, prompt-level controls, automated SBOM/AIBOM visibility, threat-modeling as engineering, and autonomous security to match autonomous development.",
  "title": "The Risk Profile of AI-Driven Development"
}