Code is the domain where AI has had the most measurable impact on real productivity. A GitHub study published in 2022 found that developers using Copilot completed tasks 55% faster. A McKinsey study from 2023 found similar improvements. The effect is robust and documented.

But coding with AI is also the area where the difference between using it well and using it badly has the most visible consequences: code that appears to work but does something different from expected, security vulnerabilities the model did not flag, outdated dependencies, incorrect logic that passes a surface test and fails in production.

Two different users

AI for code serves two very different profiles, with different uses and different risks:

The experienced developer uses AI to accelerate parts of the work that are time-consuming but not creative: repetitive code (boilerplate), unit tests, documentation, predictable refactoring. They can evaluate the quality of the code AI produces because they have the judgement to do so.

The non-programmer uses AI to create tools that previously required knowing how to code: automation scripts, dashboards, small applications, data processing. The risk is higher because they do not have the judgement to evaluate the produced code.

Both uses are legitimate. But the limits and precautions are different.

For the experienced developer

AI changes the workflow of an experienced developer in several dimensions:

Intelligent autocomplete. Tools like GitHub Copilot complete lines and entire functions in the editor. The developer reviews and accepts or rejects suggestions. The speed gain is real, especially for code with predictable patterns.

Test generation. Writing unit tests is tedious. AI can generate them automatically given the code to test. The developer must verify that the tests cover the important cases and are correct, but the writing time drops dramatically.

Explaining someone else’s code. “What exactly does this function do?” with the code pasted in the context produces explanations that can be faster to read than the code itself, especially for less familiar languages or patterns.

Debugging. “This code produces this error. What could be the cause?” with the stack trace and the relevant code is a very effective use. The model has processed millions of similar code problems and usually identifies common causes correctly.

Translating between languages. Converting a Python script to JavaScript, or adapting code from one framework to another, is a task AI does fairly well for cases that are not too complex.

For the non-programmer

The promise of “create applications without knowing how to code” is partially real in 2025–2026, but with important limits worth knowing before building something on that foundation.

What works:

  • Simple automation scripts (processing a CSV, sending automated emails, batch-renaming files)
  • SQL queries on your own databases
  • Dashboards and data visualisations with tools like Observable or Streamlit
  • Small web applications with Replit or other assisted development platforms

What requires technical oversight:

  • Any application that accesses the internet or external APIs (security risk)
  • Code that handles sensitive user or customer data
  • Applications that will scale (what works for 10 users may not work for 10,000)
  • Integrations with existing systems

The main risk for the non-programmer: running code they do not understand. The model may produce code that works for the test case but has vulnerabilities, consumes resources inefficiently, or fails in unexpected ways at edge cases. Without the judgement to evaluate it, the error can be costly.

The main tools

GitHub Copilot. The standard for development. Integrates into VS Code, JetBrains and other IDEs. Especially good for autocomplete and code generation in the context of the active project.

Cursor. An editor built on VS Code with deeply integrated AI. Allows conversation about the entire codebase, broad refactoring and debugging with the context of the whole project. It has become the favourite of many advanced developers.

Replit Agent. For creating complete applications from natural language, without setting up a local environment. Ideal for prototypes and non-programmers. The platform manages deployment.

Claude for code. The Claude chat interface, with its long context, is very effective for reviewing extensive code, explaining complex systems and discussing architecture decisions. No extensions or file system access required.

Aider. A command-line tool that allows editing the codebase directly from a conversation with a language model. A favourite among developers who prefer the terminal.

The real limits

Generated code needs review. The model can produce code that looks correct but has subtle errors. Review is essential, especially for important business logic.

Security is not automatic. Models do not proactively add security considerations unless explicitly asked. “Are there security vulnerabilities in this code?” must be an explicit question.

Project context matters. A model that does not know the complete architecture of your system can produce code that works in isolation but does not fit well with the rest.

Dependencies may be outdated. Models were trained on code up to a certain date. They may suggest library versions that are no longer current or that have known vulnerabilities.

Debugging AI-generated code requires understanding it. If the code the AI produced fails and you do not understand how it works, debugging it is very difficult. Always ask the model to explain the code it produces.

AI does not replace developers: it changes which part of their work is the hardest. The repetitive parts get automated. The parts requiring architectural judgement, business understanding and evaluation of trade-offs remain fully human.