[{"data":1,"prerenderedAt":169},["ShallowReactive",2],{"blog-post-blog_en-versteckte-risiken-von-ki-in-der-softwareentwicklung":3},{"id":4,"title":5,"body":6,"cover":153,"date":154,"description":155,"draft":156,"extension":157,"meta":158,"navigation":159,"path":160,"seo":161,"stem":162,"tags":163,"__hash__":168},"blog_en\u002Fen\u002Fblog\u002Fversteckte-risiken-von-ki-in-der-softwareentwicklung.md","The Hidden Risks of AI in Software Development",{"type":7,"value":8,"toc":148},"minimark",[9,13,18,21,50,95,99,131,135,144],[10,11,12],"p",{},"AI tools in software development promise speed, and they deliver it. But accelerated output without corresponding governance creates a category of risk that most teams are not yet equipped to manage. These risks are not hypothetical; they are already showing up in production systems.",[14,15,17],"h2",{"id":16},"risks-in-code-quality","Risks in Code Quality",[10,19,20],{},"AI models optimise for surface correctness, not domain correctness. Concrete examples from practice:",[22,23,24,32,38,44],"ul",{},[25,26,27,31],"li",{},[28,29,30],"strong",{},"Systematic errors through increased consistency:"," Code that looks consistent can be consistently wrong. When all generated functions use the same flawed approach, errors become harder to detect, not easier.",[25,33,34,37],{},[28,35,36],{},"Skill atrophy in junior developers:"," Developers who work heavily with AI assistance early in their careers may not develop deep competence in debugging, architectural reasoning, and failure analysis. 
This creates long-term team dependency, not independence.",[25,39,40,43],{},[28,41,42],{},"Context transfer without domain knowledge:"," When an AI model is asked to extend an existing function, it often adds code that fits syntactically but violates domain invariants it has no way of knowing.",[25,45,46,49],{},[28,47,48],{},"Hallucinated API calls and library versions:"," Code that compiles but fails at runtime because the referenced function does not exist in that version, or has a different interface.",[51,52,57],"pre",{"className":53,"code":54,"language":55,"meta":56,"style":56},"language-bash shiki shiki-themes github-light github-dark","# Example: hallucinated npm package name (does not exist)\nnpm install react-query-infinite-scroll-v4\n# The model combines real package names into a plausible but non-existent\n# package. The error only surfaces at install or build time.\n","bash","",[58,59,60,69,83,89],"code",{"__ignoreMap":56},[61,62,65],"span",{"class":63,"line":64},"line",1,[61,66,68],{"class":67},"sJ8bj","# Example: hallucinated npm package name (does not exist)\n",[61,70,72,76,80],{"class":63,"line":71},2,[61,73,75],{"class":74},"sScJk","npm",[61,77,79],{"class":78},"sZZnC"," install",[61,81,82],{"class":78}," react-query-infinite-scroll-v4\n",[61,84,86],{"class":63,"line":85},3,[61,87,88],{"class":67},"# The model combines real package names into a plausible but non-existent\n",[61,90,92],{"class":63,"line":91},4,[61,93,94],{"class":67},"# package. 
The error only surfaces at install or build time.\n",[14,96,98],{"id":97},"risks-in-security-and-compliance","Risks in Security and Compliance",[22,100,101,107,113,119,125],{},[25,102,103,106],{},[28,104,105],{},"Reproduced vulnerabilities from training data:"," AI models trained on public code reproduce the common security patterns of that code, including known vulnerabilities such as SQL-injection-prone queries or unsafe deserialisation.",[25,108,109,112],{},[28,110,111],{},"Data privacy with external model APIs:"," Code and requirements transmitted to external APIs leave the company's sphere of control. For many codebases, this violates existing confidentiality requirements.",[25,114,115,118],{},[28,116,117],{},"Insecure patterns that pass code review:"," Because generated code is syntactically correct and resembles common patterns, security-relevant issues pass reviews that would stop manually written code.",[25,120,121,124],{},[28,122,123],{},"Loss of decision traceability:"," Who generated which code with which prompt? Without logging and context, the reasoning behind implementation decisions disappears. This makes audits and post-incident analysis significantly harder.",[25,126,127,130],{},[28,128,129],{},"Licence contamination from training data:"," The legal question of whether and under what conditions AI-generated code carries copyright claims is not yet definitively resolved.",[14,132,134],{"id":133},"why-this-matters","Why This Matters",[10,136,137,138,143],{},"These risks are manageable with the right structure. Teams that identify them early and build appropriate processes capture the speed gains without the downside. Teams that ignore them pay later, through security incidents, accumulated technical debt, or unresolved legal exposure. 
",[139,140,142],"a",{"href":141},"\u002Fen\u002F#packages","AI Enablement"," creates exactly this structure: clear guidelines, review processes, and governance that make AI adoption sustainable.",[145,146,147],"style",{},"html pre.shiki code .sJ8bj, html code.shiki .sJ8bj{--shiki-default:#6A737D;--shiki-dark:#6A737D}html pre.shiki code .sScJk, html code.shiki .sScJk{--shiki-default:#6F42C1;--shiki-dark:#B392F0}html pre.shiki code .sZZnC, html code.shiki .sZZnC{--shiki-default:#032F62;--shiki-dark:#9ECBFF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":56,"searchDepth":71,"depth":71,"links":149},[150,151,152],{"id":16,"depth":71,"text":17},{"id":97,"depth":71,"text":98},{"id":133,"depth":71,"text":134},null,"2026-04-07","AI accelerates development but creates new risks in code quality, security, and accountability. 
What teams need to understand.",false,"md",{},true,"\u002Fen\u002Fblog\u002Fversteckte-risiken-von-ki-in-der-softwareentwicklung",{"title":5,"description":155},"en\u002Fblog\u002Fversteckte-risiken-von-ki-in-der-softwareentwicklung",[164,165,166,167],"AI","Software Quality","Engineering Leadership","Governance","lmNc3qlEqsm210pi2Xg3FXYNd71pu3G1ZIMs5bCdlLA",1780122462425]