As for why we are not worried enough, my guess would be that we’re too preoccupied with the impact on coding process itself, there isn’t enough attention put on other parts.

In terms of general working practices, there’s 2 things that I think are important right now: - proper AI attribution - both on commits and AI-generated PR comments. A bit of extra transparency can help spot these kinds of issues - clear separation of human and automated PR review

As an example, on that second point, we already use CodeRabbit for AI-based PR reviews. If I see „John” approving a PR, my expectation is that John himself read it and is vouching for it. I’d expect that AI is not involved or, at most, it does non-opinionated explaining and/or ordering of changes. If I see any kind of mention that „Claude did code review for someone”, I’m going to start screaming.