Large Language Models (LLMs) such as OpenAI Codex are increasingly used as AI-based coding assistants, raising the question of whether they push developers toward less secure code. We conducted a security-driven user study (N=58) assessing code written by student programmers with and without LLM assistance. Participants implemented a singly-linked “shopping list” structure in C — a setting rich in pointer and array manipulations where low-level bugs are both severe and common. Our results indicate the security impact in this setting is small: AI-assisted users produced critical security bugs at a rate no more than 10% higher than that of the control group, suggesting that, at least here, LLM assistants do not introduce substantial new security risks.
Gustavo Sandoval and Hammond Pearce contributed equally to this work.