CodeSpy, your tool for detecting AI-generated code

Today I want to tell you about CodeSpy.AI, a tool that allows you to detect code generated by artificial intelligence.

This tool is very useful for several reasons, but the main ones are:

  • The code AI provides is rarely 100% functional for our application. It always needs to be adapted, improved, and validated before using it in production.
  • And if you're a customer, you have the right to know the quality of the software you're receiving, especially if part of the code comes from AI.
  • It's a tool that allows you to measure, in a certain way, the quality of the software you're programming—that is, to ensure that NOT all of it is AI code.

To start the scan, there's a dedicated button. It's important to note that this tool has a 98% accuracy rate in determining whether the code you're analyzing was generated by AI or not.

Why is it important?

AI-generated code can have problems for a variety of reasons, including:

  • Outdated code: Code is often based on older versions of languages, libraries, or frameworks.
    • This can lead to incompatibilities, bugs, unexpected shutdowns, instability, and vulnerabilities that can be exploited by attackers.
  • It may NOT follow best practices.
    • AI sometimes attempts to connect to nonexistent resources, such as databases, which breaks key functionality.

It's not that AI-generated code is bad, but it should always be supervised. The new way of programming combines the use of AI with human review, as we can't expect a prompt to deliver a perfectly functional and updated application.

AI-generated code can present problems such as:

  • Use of old versions of languages, libraries, or frameworks.
  • Incompatibilities and bugs.
  • Unexpected shutdowns and instability.
  • Vulnerabilities exploitable by attackers.
  • Connections to nonexistent resources (e.g., databases).

Furthermore, AI doesn't always follow best programming practices, which depends greatly on how we interact with it.

A program with excessive AI-generated code may have at least one of the problems mentioned above, and the project may depend on a single prompt or a few simple prompts.

The best way to use AI:

  • Treat it as an assistant, and don't let the AI take control of ALL or a LARGE part of the project.
  • Ask specific questions, not just a vague "prompt" that does everything for you.

Recommended Use of AI in Programming

In practice, AI-generated code is rarely 100% functional and 100% secure. Therefore, it must always be tailored to the needs of the project.

The programmer's role is:

  • Monitor and correct the code.
  • Ensure everything works correctly.
  • Use AI to generate repetitive code or address specific needs.

According to a Perplexity summary, the average share of AI-generated code in a project is typically between 20% and 50%. So, if you analyze a project and see that 80% to 100% of the code was generated by AI, something is probably wrong.

  • AI isn't perfect; it can make mistakes: bugs, logic errors, security errors, or poor implementations.
  • The code is yours: YOU are responsible for the code generated in YOUR project.
  • The quality of the answers given by the AI depends on the quality of the prompt: vague prompts will give you vague results. Don't rely too much or TOTALLY on the AI.

What CodeSpy.AI does and how to use it

  • Detects whether the code was generated by AI models.
  • Supports C#, Java, Python, JavaScript, and PHP.
  • Does not rewrite or fix code: its purpose is to analyze it and report issues.
  • Monitors the proportion of AI-generated code.
  • Include this metric as a software quality indicator.
  • Helps developers, security teams, managers, educators, engineers, and software companies verify the quality of delivered or received code.

To use this tool, we can install it in IDEs like VSC or use it from the web:

http://codespy.ai/

Role of the developer in the AI era

Here comes a concept that we must learn:

  • The new role isn't about copying and pasting, but about adapting solutions.
  • It's about using AI as a starting point and applying our knowledge and experience to ensure that code is secure, up-to-date, and functional.

Benefits of its use

  • Engineering managers and consulting firms working with AI must be prepared for these changes.
  • Ideal for developers, security teams, software managers, and educators. It also analyzes plagiarism and code quality.
  • The better the code delivered to the client, the fewer revisions and changes will be necessary.

Conclusion

AI tools like Copilot are amazing, but they're no substitute for human review.
CodeSpy.AI helps us quickly detect issues before they reach production, protecting both developers and customers.
Bottom line: using AI is great, but using it with control is better.

Plans

It offers plans for small software consultancies (1 to 4 people) and also for medium-sized companies with up to 50 employees that outsource development teams and need to ensure quality and accountability in the QA cycle.

We analyze this excellent tool that allows you to detect AI-generated code and its importance.

- Andrés Cruz