Editorial illustration for Endor Labs launches free AURI tool after study finds only 10% of AI code is secure
AI Code Security: Only 10% Pass Rigorous Audit Test
Endor Labs launches free AURI tool after study finds only 10% of AI code is secure
Only 10% of AI‑generated code passed a recent security audit, a finding that sent ripples through development teams that rely on automated assistants. Endor Labs responded by releasing AURI, a free tool designed to spot weaknesses before they slip into production. The move follows a broader push to make AI‑driven coding safer, especially as firms scramble to integrate these agents without waiting for lengthy procurement cycles.
By offering the scanner at no cost, Endor hopes to embed security checks directly into the developer’s workflow, rather than treating them as an after‑thought. Early users have already flagged a surprising number of false positives, prompting the company to refine its detection algorithms. With the stakes high—vulnerabilities can be exploited the moment code lands in a repository—companies are watching closely to see whether AURI can bridge the gap between speed and safety.
As the conversation shifts from “how fast can we code?” to “how secure is that code?” the next comment from Travis McPeak, security lead at C, puts the numbers into perspective.
In a world where AI coding agents are proliferating across every team, Endor Labs needs to be wherever code is being written -- not waiting behind a procurement process. "Over 97% of vulnerabilities flagged by our previous tool weren't reachable in our application," said Travis McPeak, Security at Cursor, in a statement sent to VentureBeat. "AURI by Endor Labs shows the few vulnerabilities that are impactful, so we patch quickly, focusing on what matters." Why Endor Labs says independence from AI coding tools is essential The application security market is increasingly crowded.
Snyk, GitHub Advanced Security, and a growing number of startups all compete for developer attention. Even the AI model providers themselves are entering the fray: Anthropic recently announced a code security product built into Claude, a move that sent ripples through the market.
Endor Labs' new AURI platform arrives as a direct response to a study that found merely ten percent of AI‑generated code meets security standards. By embedding real‑time intelligence into popular AI coding assistants such as Cursor, Claude and Augment, the tool promises developers immediate feedback without waiting for procurement. The service is offered free to individual programmers, which could lower the barrier to adopting security checks at the point of write.
Yet the announcement notes that over 97 % of vulnerabilities flagged by the company's earlier solution were not reachable in the application, raising questions about the practical relevance of the alerts. Whether AURI's integration through the Model Context Protocol will translate into fewer exploitable flaws remains uncertain. The free availability may encourage broader testing, but the efficacy of real‑time guidance in complex codebases hasn't been demonstrated yet.
For now, Endor Labs positions AURI as a proactive layer in a environment where AI coding agents are proliferating across teams. Skepticism remains.
Further Reading
Related Reading
Business & Startups OpenAI, a Series F San Francisco startup founded in 2015 by eight pioneers
Business & Startups Terminal-Bench 2.0 launches with Harbor, testing any container-installable agent
Business & Startups Zuckerberg Unveils Meta Compute to Build Global AI Infrastructure
From Archives Joe Gebbia seen with metallic device as OpenAI, Jony Ive partnership looms
From Archives Magenta AI Call Assistant Launches in Germany, No App Needed
Common Questions Answered
What percentage of AI-generated code was found to be secure in the recent Endor Labs study?
The study revealed that only 10% of AI-generated code passed a comprehensive security audit. This finding highlights significant vulnerabilities in AI-assisted code development and underscores the critical need for robust security scanning tools.
How does AURI help developers improve the security of AI-generated code?
AURI provides real-time security intelligence directly within popular AI coding assistants like Cursor, Claude, and Augment. The tool offers immediate feedback on potential vulnerabilities, allowing developers to identify and patch security weaknesses at the point of code generation.
Why did Endor Labs decide to make AURI available for free?
By offering AURI free to individual programmers, Endor Labs aims to lower the barrier to adopting security checks in AI-generated code. The strategy helps embed security intelligence across development teams without requiring lengthy procurement processes, making security more accessible and immediate.