[riskable]

> there is always the risk of total nonsense hidden somewhere in the middle

This is true of human-generated code as well. Trust me: Reviewing other people's code is my day job.

It's exceptionally rare that a malicious actor is trying to sneak something into the code. The common scenario is the developer who's new to the project not fully understanding how everything works so they copy & paste something they think is necessary but ultimately isn't and could in fact be very wrong. Just like how ChatGPT works.