Now, many people use AI to make software. This is easy, but it creates big security problems for computers.

現在許多人使用 AI 來開發軟體。雖然很方便，但這給電腦帶來了巨大的安全性問題。

Many people use AI to make apps quickly. They do not know how to code. These apps have many mistakes. Some apps let strangers see private data because they have no passwords.

許多人使用 AI 快速開發 App。他們不懂如何寫程式，因此這些 App 有許多錯誤。有些 App 因為沒有密碼，導致陌生人可以直接查看私人資料。

Experts say these apps are dangerous. People move their apps to the internet without checking them. AI can find some mistakes, but humans must check the work. Many people forget to do this.

專家表示這些 App 非常危險。人們在未經檢查的情況下就將 App 上傳到網路。AI 可以發現部分錯誤，但必須由人類檢查。許多人都忘記了執行這一步。

Some engineers only use AI and do not work hard. Other engineers must fix all the AI mistakes. This is very tiring. Also, engineers talk to AI more than to other people. They feel alone at work.

有些工程師只依賴 AI 而不努力工作。其他工程師則必須修正所有 AI 的錯誤，這非常令人疲憊。此外，工程師與 AI 交流的時間多於與他人交流，在工作中感到很孤單。

AI helps people make software fast. But it makes security weak and makes work hard for expert engineers.

AI 讓開發軟體變得快速，但它削弱了安全性，也增加了資深工程師的工作負荷。

The growth of 'vibe coding' and AI-driven development has made it easier for everyone to create software. However, this trend has also introduced serious security weaknesses and changed how professional engineering teams work together.

「Vibe Coding」與 AI 驅動開發的成長，讓每個人都能更容易地開發軟體。然而，這一趨勢也引入了嚴重的安全漏洞，並改變了專業工程團隊協作的方式。

The shift toward using natural language to develop software has allowed non-technical users to launch applications quickly. Unfortunately, this speed has caused a general increase in security flaws. For example, researchers from Red Access found thousands of public apps that lack basic password protection, leading to risks like unauthorized database access. Experts from SentinelOne and Corridor emphasized that the danger increases when simple local projects are moved to the cloud without a thorough security check. Although AI tools can help find bugs, humans must still start the review process, which often leads to critical mistakes.

轉向使用自然語言開發軟體，讓非技術用戶能夠快速推出應用程式。不幸的是，這種速度導致安全缺陷普遍增加。例如，Red Access 的研究人員發現數千個缺乏基本密碼保護的公開 App，導致如資料庫被未經授權訪問等風險。SentinelOne 與 Corridor 的專家強調，當簡單的本地專案在未經徹底安全檢查就遷移到雲端時，危險性會增加。雖然 AI 工具可以幫助尋找 Bug，但仍必須由人類啟動審查程序，而這往往導致關鍵錯誤。

At the same time, the social dynamics within engineering teams are changing. Deedy Das from Menlo Ventures noted a split between 'lazy' engineers, who rely only on AI, and 'craftsmen,' who do the hard work of checking and fixing AI-generated code. This situation, known as 'AI sprawl,' has changed the engineer's role from a creative one to a supervisory one. Furthermore, Fiona Fung from Anthropic observed that developers are becoming more isolated because they interact with AI agents more than with their colleagues. Consequently, companies may need to find new ways to encourage teamwork and knowledge sharing.

與此同時，工程團隊內部的社交動態正在改變。Menlo Ventures 的 Deedy Das 指出，工程師分成了兩類：一類是僅依賴 AI 的「懶惰」工程師，另一類則是負責檢查並修正 AI 生成代碼、承擔繁重工作的「匠人」。這種被稱為「AI 擴散」（AI sprawl）的情況，將工程師的角色從創造者變成了監理者。此外，Anthropic 的 Fiona Fung 觀察到，開發者變得越來越孤立，因為他們與 AI 代理互動的時間多於與同事交流。因此，公司可能需要尋找新方法來鼓勵團隊合作與知識共享。

AI-assisted coding has made software more accessible, but it has created a dangerous gap in security verification and a sustainability crisis for experienced professional engineers.

AI 輔助編程讓軟體變得更普及，但在安全驗證方面造成了危險的缺口，並為經驗豐富的專業工程師帶來了永續性危機。

The emergence of 'vibe coding' and AI-driven development has democratized software creation while introducing significant security vulnerabilities and altering the professional dynamics of engineering teams.

「氛圍編碼」（vibe coding）與 AI 驅動開發的出現，使軟體創作變得大眾化，但同時也引入了嚴重的安全漏洞，並改變了工程團隊的專業互動模式。

The transition toward natural language-based software development has facilitated the rapid deployment of applications by non-technical users. However, this acceleration has resulted in a systemic increase in security deficits. Evidence indicates a prevalence of SQL injection risks and unauthorized database exposure, as exemplified by the Moltbook incident and findings by Red Access, which identified thousands of public applications lacking basic authentication. Cybersecurity experts, including representatives from SentinelOne and Corridor, posit that the risk profile escalates when local prototypes are migrated to cloud environments without rigorous security audits. While AI agents can assist in vulnerability detection, the necessity for manual invocation of security reviews often leads to critical oversights.

向基於自然語言的軟體開發轉型，使非技術用戶能快速部署應用程式。然而，這種加速導致安全缺陷在系統層面增加。證據顯示 SQL 注入風險與未經授權的資料庫洩漏十分普遍，例如 Moltbook 事件以及 Red Access 的調查發現，數千個公開應用程式缺乏基本驗證。

Parallel to these technical risks is a shifting sociological paradigm within professional engineering cohorts. Deedy Das of Menlo Ventures observes a bifurcation of labor between 'lazy' engineers, who rely exclusively on AI output, and 'craftsmen,' who bear the disproportionate cognitive burden of validating and correcting machine-generated code. This phenomenon, characterized as 'AI sprawl,' has transformed the engineering role from creative synthesis to a supervisory function, potentially eroding professional identity. Furthermore, Fiona Fung of Anthropic has noted an increase in professional isolation as developers interact more frequently with agents than with peers, necessitating institutional interventions to restore collaborative knowledge exchange.

與這些技術風險同步的，是專業工程人員之間社會學範式的轉變。Menlo Ventures 的 Deedy Das 觀察到勞動力出現分層：一邊是完全依賴 AI 輸出的「懶惰」工程師，另一邊則是需承擔沉重認知負荷以驗證並修正 AI 代碼的「工匠」。這種被稱為「AI 擴散」（AI sprawl）的現象，將工程師的角色從創意綜合轉變為監督功能，可能會削弱專業認同感。此外，Anthropic 的 Fiona Fung 指出，由於開發者與 AI Agent 互動的頻率高於與同僚交流，導致專業孤立感增加，需要機構介入以恢復協作式的知識交流。

AI-assisted coding has expanded software accessibility but created a critical bottleneck in security verification and a crisis of professional sustainability for experienced engineers.

AI 輔助編碼擴大了軟體的獲取門檻，但在安全驗證方面造成了嚴重瓶頸，也令經驗豐富的工程師面臨專業永續性的危機。