C2 | Intermediate
AI Code Security Audit
45 min | After each code generation
Format: Have AI A generate code, then have AI B audit it for security.
Steps:
Step 1: Tell AI A
"Write a user registration and login API using Node.js + Express,
including password storage and JWT authentication."
Step 2: Tell AI B
"You are a security audit expert. Review the following code,
find all security vulnerabilities, and rank them by severity: [paste code]"
Step 3: Document
- How many security issues did AI A introduce?
- Is AI B's audit reliable? Did it miss anything? Any false positives?
Common findings: Passwords not hashed with salt, hardcoded JWT secret, no rate limiting, no input validation, error messages revealing too much information.
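
For Step 3, a baseline to compare AI A's output and AI B's audit against: hardened counterparts to the common findings above, using only Node's built-in crypto module. This is an added example, not code from the original exercise; the JWT_SECRET variable name, the length limits and the helper names are assumptions.

```javascript
// Added reference example: hardened counterparts to the common findings above.
const crypto = require("node:crypto");

// Hardcoded JWT secret -> read from the environment (JWT_SECRET is an assumed name).
function loadJwtSecret(env = process.env) {
  const secret = env.JWT_SECRET;
  if (typeof secret !== "string" || secret.length < 32) {
    throw new Error("JWT_SECRET missing or shorter than 32 characters");
  }
  return secret;
}

// No input validation -> accept only bounded strings (limits are assumptions).
function validateCredentials(body) {
  const { email, password } = body || {};
  if (typeof email !== "string" || !/^[^\s@]{1,64}@[^\s@]{1,255}$/.test(email)) return false;
  return typeof password === "string" && password.length >= 12 && password.length <= 128;
}

// Unsalted passwords -> per-user random salt plus scrypt, stored as "salt:hash".
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  return `${salt.toString("hex")}:${crypto.scryptSync(password, salt, 64).toString("hex")}`;
}
function verifyPassword(password, stored) {
  const [saltHex, hashHex] = stored.split(":");
  const expected = Buffer.from(hashHex, "hex");
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, "hex"), expected.length);
  return crypto.timingSafeEqual(actual, expected); // constant-time comparison
}

// No rate limiting -> fixed-window attempt counter per key (client IP or account).
function makeLimiter(max, windowMs) {
  const hits = new Map();
  return (key, now = Date.now()) => {
    const e = hits.get(key);
    if (!e || now - e.start >= windowMs) { hits.set(key, { start: now, n: 1 }); return true; }
    return ++e.n <= max;
  };
}

// Verbose errors -> one message for bad input, unknown user and wrong password.
function login(users, body) {
  const generic = { ok: false, error: "Invalid email or password" };
  if (!validateCredentials(body)) return generic;
  const stored = users.get(body.email); // users: Map of email -> "salt:hash" (constructed store)
  if (!stored) return generic;
  return verifyPassword(body.password, stored) ? { ok: true } : generic;
}
```

The in-memory limiter and Map stand in for a shared store and a database. The early return for an unknown user still differs in timing from a full scrypt verification, which is a point to check whether AI B raises.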