Semgrep Guardian: Security for AI-Generated Code(semgrep.dev)
semgrep.dev
Semgrep Guardian: Security for AI-Generated Code
https://semgrep.dev/blog/2026/introducing-semgrep-guardian-real-time-security-for-ai-written-code/
https://semgrep.dev/blog/2026/introducing-semgrep-guardian-real-time-security-for-ai-written-code/
That means there is an unprecedented opportunity to make both security and developer outcomes better by shaping agent behavior towards secure defaults. Even things like "don't add dependencies unless these conditions are met; we only want top1000 NPM dependencies, otherwise just write it yourself."
Capabilities like this will have a big impact on the OSS ecosystem (positive and negative) as they profilerate.