Reviewing AI-generated code

Why code that "looks perfectly correct" can subtly destroy your app.

The idea

AI models (LLMs) are good at syntax, but they suffer from hallucinations (inventing methods that do not exist but sound plausible) and semantic errors (writing code that runs cleanly but implements the wrong business logic).

When reviewing AI code, do not just check whether it compiles. You must verify: 1) do these library methods actually exist? 2) does it handle edge cases correctly? 3) for ML models, did it accidentally include the target variable in the training features (data leakage)?

# Prompt: "Write a function to fetch a user's recent orders from Stripe"
import stripe

def get_recent_orders(customer_id):
    customer = stripe.Customer.retrieve(customer_id)

    # Review (hallucinated API): does the Stripe Customer object really have a
    # get_recent_orders() method? Check the SDK docs; do not trust the name.
    orders = customer.get_recent_orders(limit=5)

    # Review (business logic): `time` is never imported, the standard library's
    # time module has no now() function, and "created > now" keeps only orders
    # created in the future, the opposite of "recent".
    filtered = [o for o in orders if o.created > time.now()]

    return filtered

# Prompt: "Train a model to predict if a user will churn next month"
import pandas as pd
from sklearn.ensemble import RandomForestClassifier

def train_churn_model(df):
    # Review (data leakage): confirm that no feature is derived from data
    # observed after the prediction window, and that the target column
    # never ends up in the feature set.
    features = df[['age', 'days_since_last_login', 'plan_tier']]
    target = df['churned_next_month']

    # Review (edge cases): there is no train/test split or evaluation, so
    # nothing measures whether the model generalises to unseen users.
    model = RandomForestClassifier()
    model.fit(features, target)
    return model

The comments marked "Review:" in the two snippets above point out the AI's subtle mistakes.

How it works (The AI Code Review Checklist)

When reviewing an AI-generated pull request, ask yourself:

1. Hallucinated APIs: Did it invent a method? (e.g., a nonexistent array.sortByValue())
2. Edge Cases: Did it handle empty lists, nulls, or boundary off-by-ones?
3. Security: Did it use parameterized queries or just concatenate strings?
4. Performance: Did it put a database query inside a loop (N+1)?
5. Business Logic: Does it actually solve the right problem?

Always test AI code with adversarial inputs before merging!
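Checklist item 1 can be partly automated. The following is an added example, not code from the original page: it parses a snippet, follows dotted calls rooted in a plain `import` (such as `time.now()` or `stripe.Customer.retrieve()`), and reports any attribute the real, installed module does not have. `AI_SNIPPET`, `_dotted` and `find_hallucinated_calls` are names chosen for this example, and the sample snippet is constructed to run offline without Stripe.

```python
import ast
import importlib
# Constructed sample (not the page's snippet): the page's time.now() call,
# which the standard library does not have, beside a real call, time.time().
AI_SNIPPET = """
import time
def keep_recent(orders):
    return [o for o in orders if o.created > time.now()]
def stamp():
    return time.time()
"""

def _dotted(node):
    # Flatten a call target such as stripe.Customer.retrieve into its parts.
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return None  # call on an expression like obj().method(); skip
    parts.append(node.id)
    return parts[::-1]

def find_hallucinated_calls(source):
    """Dotted calls rooted in a plain `import` whose attribute chain the real module lacks.
    Methods on runtime objects (customer.get_recent_orders) need the SDK docs or a test."""
    tree = ast.parse(source)
    modules = {}  # local name -> importable module name
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                top = alias.name.split(".")[0]
                modules[alias.asname or top] = alias.name if alias.asname else top
    suspects = set()
    for node in ast.walk(tree):
        parts = _dotted(node.func) if isinstance(node, ast.Call) else None
        if not parts or parts[0] not in modules:
            continue
        try:
            obj = importlib.import_module(modules[parts[0]])
        except ImportError:
            suspects.add(".".join(parts) + " (module not installed here)")
            continue
        for attr in parts[1:]:
            if not hasattr(obj, attr):  # the real library has no such name
                suspects.add(".".join(parts))
                break
            obj = getattr(obj, attr)
    return sorted(suspects)
```

Running `find_hallucinated_calls(AI_SNIPPET)` flags `time.now` and accepts `time.time`; calls on values returned at runtime are deliberately left to a human reviewer or a test.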