Insights into Security-Related AI-Generated Pull Requests
Md Fazle Rabbi, Asif K. Turzo, Arifa I. Champa, Minhaz F. Zibran

TL;DR
This study analyzes over 33,000 AI-generated pull requests, focusing on 675 security-related ones, revealing common weaknesses, rejection reasons, and the impact of commit message quality on acceptance.
Contribution
It provides a detailed analysis of security issues, rejection factors, and the quality of AI-generated pull requests, extending existing taxonomies with AI-specific categories.
Findings
Security PRs often have regex inefficiencies, injection flaws, and path traversal issues.
Many security-related AI PRs are merged despite flaws.
Rejection reasons include inactivity and missing tests, with limited influence from commit message quality.
Abstract
Recent years have experienced growing contributions of AI coding agents that assist human developers in various software engineering tasks. However, this growing AI-assisted autonomy raises questions about security and trust. In this paper, we analyze more than 33,000 AI-generated pull requests (PRs) and identify 675 security-related submissions made by agentic AIs. Then we examine the security-related PRs with a focus on recurring security weaknesses, review outcomes and latency, commit message quality, and rejection reasons. The results show that security-related AI PRs introduce a small set of recurring weaknesses such as regex inefficiencies, injection flaws, and path traversal. Many flawed contributions are still merged, while rejections often arise from social or process factors such as inactivity or missing test coverage. The commit message quality of AI PRs has a limited effect…
