Hey folks, I've identified 3 different stages of AI coding adoption: autocomplete, prompting, loop engineering.
The autocomplete stage is basically a throwback to 2024 and is mostly harmless - the traditional SAST and code review practices handle it.
Prompting agents to build whole features, which is where most people are today, comes with some security and maintainability concerns, but there are already solutions in place.
The problem is that most teams are also starting to explore loop engineering with autonomous agents. This currently has no guardrails in place, which is a recipe for disaster, as the video explains.
If you're exploring loop engineering, this is for you.
Agreed the move is AI reducing what you review, not adding to it. What's also needed is a process for classifying changes by risk so the low risk PRs get the automated gates while a human looks only at the high risk one that actually need it. And then enforcing that the same way across every repo.
In teams where there is downward pressure to reduce the rigorousness of PRs there shouldn't be much of a bottleneck problem. They've solved it by lowering the bar. The article is for the teams who have decided the bug and incident cost of doing that isn't worth it, and now have to absorb the volume anyway.
>But as AI generates more of the code, the industry will likely move toward more radical review models.
>>Quit dancing around it and just advocate pushing to main. The PR model is to have a quality gate.
The dancing is IMO a reasonable analysis of the state of the code review today. Yes, there are systems in the works but today there isn't yet a good enough system of automated checks to simply let code through. Because then this happens https://pages.faros.ai/hubfs/AI_Engineering_Report_2026_The_...
The goal with the article is to explain what tools can be employed to tackle the PR bottleneck and where humans are still needed - at this point in time. Code quality and security platforms like Codacy (here's the service) can automate away many baseline checks (SAST, test coverage, complexity, duplication, linters, etc). This provides deterministic analysis that is the same every time, unlike pure AI code reviewers. But there's very much still room for AI-assisted reviews. AI is very good at identifying what has changed, grouping findings by severity and helping the human reviewer focus their attention. After these 2 passes, human attention can be reserved for the important judgement calls. "Human reviewers concentrate on judgment rather than scanning for issues that tools can detect consistently."
Codacy does both layers, the deterministic checks that have to be repeatable and auditable, and the AI on top. This cuts review time without lowering coding standards.
Not helpful if all detractors leave a company that's going down a dangerous path, leaving all the trigger happy peeps to follow their worst instincts. But understandable regardless.