
SOK: Exploring Hallucinations and Security Risks in AI-Assisted Software Development with Insights for LLM Deployment

Abstract

The integration of Large Language Models (LLMs) such as GitHub Copilot, ChatGPT, Cursor AI, and Codeium AI into software development has revolutionized the coding landscape, offering significant productivity gains, automation, and enhanced debugging capabilities. These tools have proven invaluable for generating code snippets, refactoring existing code, and providing real-time support to developers. However, their widespread adoption also presents notable challenges, particularly in terms of security vulnerabilities, code quality, and ethical concerns. This paper provides a comprehensive analysis of the benefits and risks associated with AI-powered coding tools, drawing on user feedback, security analyses, and practical use cases. We explore the potential for these tools to replicate insecure coding practices, introduce biases, and generate incorrect or nonsensical code (hallucinations). In addition, we discuss the risks of data leaks, intellectual property violations, and the need for robust security measures to mitigate these threats. By comparing the features and performance of these tools, we aim to guide developers in making informed decisions about their use, ensuring that the benefits of AI-assisted coding are maximized while minimizing associated risks.

@article{haque2025_2502.18468,
  title={SOK: Exploring Hallucinations and Security Risks in AI-Assisted Software Development with Insights for LLM Deployment},
  author={Ariful Haque and Sunzida Siddique and Md. Mahfuzur Rahman and Ahmed Rafi Hasan and Laxmi Rani Das and Marufa Kamal and Tasnim Masura and Kishor Datta Gupta},
  journal={arXiv preprint arXiv:2502.18468},
  year={2025}
}