You can scaffold out a simple app pretty easily. Anything large or complex things break down. If you don’t know what you’re doing you end up leaking secrets like the dozens of examples we’ve seen so far.
On one side, it means that a certain amount of business will just use it even if you think its not safe/good enough and they will throw out people and will still succeed.
And on the other side: yes because they will also use LLM review or other tooling and will be fine whatever the 'security llm agent' tells them.
I was working in a company before which used md5 in 2015! Databases on the internet with a 5 character password. No tests.
A person i know would have broken the whole production DB if i wouldn't have stoped the PR.
Another ex-collegue thought its okay to 'encrypt' with a basic shift cyper creditcard data.
I don't think any of these companies care that much