AI solved the code creation problem; now we have a visibility problem
AI code generation is working. The productivity gains are real, the adoption numbers are striking, and the organizations that have leaned into it have real proof points to show for it. That’s not in dispute.
What is a lingering question (and what the data makes harder to ignore) is whether most engineering leaders actually have visibility into and control over what’s happening in their codebases as a result of the massive influx of AI-generated code.
Today we’re publishing the AI Code Generation Reality Check, a survey of 309 engineering leaders and practitioners conducted independently by Dimensional Research and sponsored by Flux. It’s the clearest picture I’ve seen yet of where AI-generated code is actually delivering and where gaps remain.
The quick wins are real and so are the bottlenecks they create
The data confirms what most of us already know from experience: AI pays off fastest in low-risk, repetitive work. Documentation (69%), unit testing (66%), and simple functions (58%) are where teams start. That’s the right instinct. Start where patterns are clear and failures are easier to contain.
The problem is what happens next. As AI generates more code, it creates more to review, more to maintain, and more places for issues to hide. Nearly 80% of survey respondents already spend at least 10% of their time on code review, and about one in ten spend 41% or more. AI-generated code adds to that load, not in a linear way but in a compounding one. There’s more code volume, more unfamiliar patterns, and faster overall velocity than review capacity can absorb.
The bottleneck has shifted for delivering code. It used to be in writing it; now it’s in understanding and trusting it.
The scrutiny is coming from everywhere
Here’s one thing I think gets underestimated: AI-generated code isn’t just an engineering problem. According to the survey, security stakeholders have concerns at 63% of organizations. Compliance teams are flagging it at 52%. CTO/CIO leadership at 47%. Legal at 41%.
That’s a cross-functional review committee, and most engineering leaders are walking into those conversations with ticket-based data and closed-issue counts, sourced from tools built for a human-speed world. Forward-thinking leaders building real influence with their boards and C-suites are doing something different: they’re showing what’s actually happening in the codebase, not just what was planned.
That’s a different capability than most teams have built. And the gap between leaders who have it and those who don’t will be career-defining.
The hesitant 35% is worth paying attention to
One of the most interesting findings in the report: 44.7% of organizations already have AI-generated code in production. Another 35% are actively writing it but haven’t yet shipped it. That hesitant group isn’t moving slowly because they don’t yet trust their ability to see and manage the risks.
That gap between writing AI code and deploying it is worth a conversation. What’s holding them back? Interestingly, the data shows the hesitant group is actually investing more heavily in safeguards. They have higher rates of code quality analysis, SCA, and training. In other words, these leaders demand confidence in the quality of the code they’re shipping. And this isn’t unwise. Just 3.6% of our survey respondents said that AI-introduced issues never reach production.
The organizations that move forward fastest will be able to allow the use of more AI-generated code, ship faster, and still trust every change that reaches production. The ones that don’t may fall behind their peers in innovation and speed of delivery.
What this looks like in practice
The survey asked what high-performing teams are doing differently. A few things stand out.
They treat shipping AI-generated code as a governance decision, not just an engineering one. They invest in automated safeguards: code quality analysis (46% have already purchased this), automated review (39%), and security testing. Then they connect those safeguards to hard codebase signals rather than relying on manual reporting from ticketing tools. They expand review capacity to match AI-accelerated output instead of assuming existing processes will scale. And perhaps most importantly, they keep humans in the loop on the changes that matter most, using AI to surface the right work rather than bypass judgment.
What the data doesn’t show, and what I think the best leaders understand, is that this is also an opportunity. AI creates both an opportunity to create, and a forcing function to demand, something engineering organizations have always needed and rarely had: ground-truth visibility into what’s actually happening across the codebase, week to week. The teams that use this moment to build that capability will come out of the AI transition stronger. The engineering team’s output will be more trusted by the business, more credible with cross-functional stakeholders, and better positioned to keep accelerating without losing control.
Read the full report
The AI Code Generation Reality Check covers adoption patterns and deployment hesitancy, the widening gap between code velocity and review capacity, which risks are making it into production and how often, what safeguards organizations are buying, and what the leaders getting this right are doing differently. If you’re an engineering leader navigating any of this, it’s worth your time.
Download the report and attend our walkthrough webinar on July 29.