The rush to adopt AI by developers to push code faster is creating downstream risks that threaten to negate productivity gains. While development teams are shipping code faster than ever thanks to AI assistants, this increased speed is creating a pressure wave that legacy processes are struggling to contain.
According to software delivery platform Harness, the industry is enthusiastically taking advantage of AI for code creation but failing to mature the other parts of the software delivery lifecycle (SDLC) at the same pace.
This imbalance has given rise to what the report calls the “AI Velocity Paradox”. While 63 percent of organisations report shipping code to production more frequently since adopting AI, this upstream acceleration does not guarantee overall development velocity. In fact, it often creates drag by pushing a higher volume of code into under-automated testing, security, and deployment pipelines that are struggling to keep up. One key finding reveals 67 percent of development teams and their leaders feel that “the use of Al coding assistants is like squeezing a balloon – the volume of work stays the same, it’s just forced from one side to another.”
The adoption of AI in software development has been near-vertical, becoming part of the core engine to generate code rather than an experimental add-on with a due focus on managing the associated risks. However, this adoption has led to tool sprawl. On average, engineering teams are now using 8-10 different AI tools, with over a third juggling an even wider array. This proliferation adds undeniable complexity and makes managing security and compliance across a fragmented toolchain a major governance headache. This complexity is felt by developers, with 71 percent of respondents agreeing that “constant context switching is mentally draining and kills developer productivity.”
The core of the paradox lies in a stark imbalance in automation maturity across the SDLC. While coding workflows are 51 percent automated on average, the automation level for continuous integration and build pipeline creation is just 43 percent. The situation is particularly concerning for Continuous Delivery (CD), where only six percent of respondents describe their process as fully automated. This lack of downstream automation directly impacts the ability to realise speed benefits; moving from low to moderate automation in CD more than doubles the likelihood that an organisation will see a velocity gain from its AI coding tools.
This gap between code creation and validation is introducing serious risks. 45 percent of all deployments linked to AI-generated code lead to problems, and 72 percent of organisations have already experienced at least one production incident directly caused by it. It is therefore unsurprising that only 41 percent of respondents are fully confident their governance processes can prevent bugs from AI-generated code reaching production. Nearly half of teams are concerned they will see more software vulnerabilities due to their use of AI-coding assistants.
The risks are set to worsen with the rise of “vibe coding,” where less experienced developers use AI to generate code. The report found that 63 percent of respondents believe this practice is “a disaster waiting to happen, and skilled developers are about to be inundated with requests to fix other people’s shoddy work”. Another 78 percent stated that “without automated guardrails, organisations are going to face some very painful and costly mistakes from non-technical teams trying their hand at vibe coding”. The time saved by developers upstream will simply be paid for downstream by operations, security, and finance teams.
The financial implications are also considerable. Inefficient, AI-generated code can directly impact the bottom line. Over two-thirds of respondents, at 70 percent, are concerned their cloud costs could spiral out of control because it is so easy to deploy inefficient code using AI assistants.
To better understand this, the report categorises organisations into four quadrants of AI maturity. Most currently find themselves in “The Danger Zone,” characterised by the high risk of AI adoption for generating code but low downstream automation. These organisations are fast but fragile, experiencing frequent deployment failures and rising manual toil. Other quadrants include “The Laggards” (low adoption, low automation), who are slow and falling behind, and “The Cautious Planners” (low adoption, high automation), who are stable but risk being outpaced.
The target state is to become a “Velocity Leader,” with high AI adoption and high downstream automation. These organisations use AI-powered automation across the entire lifecycle to test, secure, and deploy code, so that speed is matched with safety and resilience. For them, AI is a true competitive advantage.
The path forward, according to the report, requires an approach that pairs upstream speed with downstream intelligence. Organisations must invest in AI beyond just coding, prioritising AI-powered testing, security scanning, and deployment verification to create a safety net for developers. As 83 percent of respondents noted, “the use of Al needs to extend across the entire SDLC if we’re to realise the true potential of coding assistants for accelerating delivery.”
Unleashing the full potential of AI in software development means empowering teams to move fast without breaking things. The current velocity paradox shows that while AI has provided the accelerator, many organisations have forgotten to upgrade the brakes.
“The AI Velocity Paradox is real—teams are writing code faster, but shipping it slower and with greater risk,” said Trevor Stuart, SVP and GM at Harness.
“Without automation in place, productivity gains at the front end are erased by downstream bottlenecks – more bugs, higher cloud costs, and greater security exposure. To truly benefit from AI, enterprises need to extend it beyond code creation into testing, quality, and deployment. That’s how you turn speed into lasting advantage, delivering software that is faster, safer, and more resilient.”
See also: GitLab launches custom AI agents and Knowledge Graph
Want to learn more about AI and big data from industry leaders? Check out AI & Big Data Expo taking place in Amsterdam, California, and London. The comprehensive event is part of TechEx and is co-located with other leading technology events including the Cyber Security Expo, click here for more information.
AI News is powered by TechForge Media. Explore other upcoming enterprise technology events and webinars here.