Skip to main content
Endor Labs' AURI tool launch: AI code security study results, 10% secure. Data visualization, tech interface.

Editorial illustration for Endor Labs launches free AURI tool after study finds only 10% of AI code is secure

AI Code Security: Only 10% Pass Rigorous Audit Test

Endor Labs launches free AURI tool after study finds only 10% of AI code is secure

Updated: 3 min read

Only 10% of AI-generated code is secure. That stark finding from Endor Labs’ latest study is the backdrop for today’s launch of AURI, a free tool designed to cut through the noise. “Over 97% of vulnerabilities flagged by our previous tool weren’t reachable in our application,” said Travis McPeak, Security at Cursor.

“AURI by Endor Labs shows the few vulnerabilities that are impactful, so we patch quickly, focusing on what matters.” The timing is deliberate. AI coding agents are flooding every team, and the application security market is already choked with competitors, Snyk, GitHub Advanced Security, Anthropic’s new security layer in Claude. Endor Labs is betting that independence from any single AI tool is the only way to stay relevant where code actually gets written.

Endor Labs, the application security startup backed by more than $208 million in venture funding, today launched AURI, a platform that embeds real-time security intelligence directly into the AI coding tools that are reshaping how software gets built. The product is available free to individual developers and integrates natively with popular AI coding assistants including Cursor, Claude, and Augment through the Model Context Protocol (MCP).

The signal is buried in noise. That’s the real crisis of AI-generated code: not that it’s insecure, but that so many security tools scream at everything that developers learn to ignore them. Endor Labs understands this.

AURI doesn’t just find vulnerabilities, it finds the ones that matter. The ones you can actually reach, exploit, or ship. This is why independence matters.

When security is baked into a single AI coding agent, you’re trusting the same hand that wrote the code to check its own work. That’s a conflict of interest dressed up as convenience. Endor Labs steps outside that loop.

AURI scans your code wherever it lives, Cursor, VS Code, JetBrains, any AI tool, and cuts through the noise with reachability analysis. The numbers are stark. Only 10% of AI-generated code is secure.

That leaves 90% carrying latent risk. But the answer isn’t more alerts. It’s fewer, sharper ones.

AURI gives developers back their attention. And attention, right now, might be the scarcest resource in software engineering.

Common Questions Answered

What percentage of AI-generated code was found to be secure in the recent Endor Labs study?

The study revealed that only 10% of AI-generated code passed a comprehensive security audit. This finding highlights significant vulnerabilities in AI-assisted code development and underscores the critical need for robust security scanning tools.

How does AURI help developers improve the security of AI-generated code?

AURI provides real-time security intelligence directly within popular AI coding assistants like Cursor, Claude, and Augment. The tool offers immediate feedback on potential vulnerabilities, allowing developers to identify and patch security weaknesses at the point of code generation.

Why did Endor Labs decide to make AURI available for free?

By offering AURI free to individual programmers, Endor Labs aims to lower the barrier to adopting security checks in AI-generated code. The strategy helps embed security intelligence across development teams without requiring lengthy procurement processes, making security more accessible and immediate.

LIVE03:21OpenAI's Miles Wang in Talks for USD 2B AI Drug Discovery Startup