An initial security audit of that tool has shown that, because of the way language models are trained, generated code is uniquely vulnerable to common cybersecurity attacks. Researchers found in testing that 40 percent of Copilot-generated computer programs were vulnerable to some of the most common cybersecurity weaknesses. This is because code generation is made possible due to the repetition of the most common programming idioms in the training data. Those are not the most secure.

— The AI Con by Emily M. Bender, Alex Hanna (Page 53)