{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T15:23:22Z","timestamp":1776785002073,"version":"3.51.2"},"reference-count":24,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2025,1,22]],"date-time":"2025-01-22T00:00:00Z","timestamp":1737504000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1801495"],"award-info":[{"award-number":["1801495"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["00014-18-1-2058"],"award-info":[{"award-number":["00014-18-1-2058"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Commun. ACM"],"published-print":{"date-parts":[[2025,2]]},"abstract":"<jats:p>There is burgeoning interest in designing AI-based systems to assist humans in designing computing systems, including tools that automatically generate computer code. The most notable of these comes in the form of the first self-described \u201cAI pair programmer,\u201d GitHub Copilot, which is a language model trained over open-source GitHub code. However, code often contains bugs\u2014and so, given the vast quantity of unvetted code that Copilot has processed, it is certain that the language model will have learned from exploitable, buggy code. This raises concerns on the security of Copilot\u2019s code contributions. In this work, we systematically investigate the prevalence and conditions that can cause GitHub Copilot to recommend insecure code. To perform this analysis we prompt Copilot to generate code in scenarios relevant to high-risk cybersecurity weaknesses, for example, those from MITRE\u2019s \u201cTop 25\u201d Common Weakness Enumeration (CWE) list. We explore Copilot\u2019s performance on three distinct code generation axes\u2014examining how it performs given diversity of weaknesses, diversity of prompts, and diversity of domains. In total, we produce 89 different scenarios for Copilot to complete, producing 1,689 programs. Of these, we found approximately 40% to be vulnerable.<\/jats:p>","DOI":"10.1145\/3610721","type":"journal-article","created":{"date-parts":[[2025,1,20]],"date-time":"2025-01-20T16:00:31Z","timestamp":1737388831000},"page":"96-105","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":52,"title":["Asleep at the Keyboard? Assessing the Security of GitHub Copilot\u2019s Code Contributions"],"prefix":"10.1145","volume":"68","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3488-7004","authenticated-orcid":false,"given":"Hammond","family":"Pearce","sequence":"first","affiliation":[{"name":"New York University, Department of ECE, New York, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6854-3966","authenticated-orcid":false,"given":"Baleegh","family":"Ahmad","sequence":"additional","affiliation":[{"name":"New York University, Department of ECE, New York, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7642-3638","authenticated-orcid":false,"given":"Benjamin","family":"Tan","sequence":"additional","affiliation":[{"name":"University of Calgary, Department of ESE, Calgary, Alberta, Canada"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8867-4282","authenticated-orcid":false,"given":"Brendan","family":"Dolan-Gavitt","sequence":"additional","affiliation":[{"name":"New York University, Department of ECE, New York, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7989-5617","authenticated-orcid":false,"given":"Ramesh","family":"Karri","sequence":"additional","affiliation":[{"name":"New York University, Department of ECE, New York, NY, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,1,22]]},"reference":[{"key":"e_1_3_1_2_2","unstructured":"GitHub Copilot \u00b7 Your AI pair programmer. 2021; https:\/\/copilopt.github.com."},{"key":"e_1_3_1_3_2","unstructured":"Austin J. et al. Program synthesis with large language models. arXiv:2108.07732 [cs] Aug. 2021 arXiv: 2108.07732."},{"key":"e_1_3_1_4_2","doi-asserted-by":"crossref","unstructured":"Bandara V. et al. Fix that fix commit: A real-world remediation analysis of javascript projects. In 2020 IEEE 20th Intern. Working Conf. on Source Code Analysis and Manipulation (SCAM) Sept. 2020 198\u2013202.","DOI":"10.1109\/SCAM51674.2020.00027"},{"key":"e_1_3_1_5_2","unstructured":"Brown T.B. et al. Language models are few-shot learners. arXiv:2005.14165 [cs] July 2020 arXiv: 2005.14165."},{"key":"e_1_3_1_6_2","unstructured":"Chen M. et al. Evaluating large language models trained on code. arXiv:2107.03374 [cs] July 2021 arXiv: 2107.03374."},{"key":"e_1_3_1_7_2","unstructured":"Dessouky G. et al. HardFails: Insights into software-exploitable hardware bugs. In 28th USENIX Security Symp. 2019 213\u2013230."},{"key":"e_1_3_1_8_2","unstructured":"Devlin J. Chang M.-W. Lee K. and Toutanova K. BERT: Pre-training of deep bidirectional transformers for language understanding. CoRR abs\/1810.04805 2018 _eprint: 1810.04805."},{"key":"e_1_3_1_9_2","doi-asserted-by":"crossref","unstructured":"Drechsler R. Harris I.G. and Wille R. Generating formal system models from natural language descriptions. In IEEE Int. High Level Design Validation and Test Workshop (HLDVT) 2012 164\u2013165.","DOI":"10.1109\/HLDVT.2012.6418259"},{"key":"e_1_3_1_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/MDAT.2020.3013730"},{"key":"e_1_3_1_11_2","unstructured":"GitHub. CodeQL Documentation 2021; https:\/\/codeql.github.com\/docs\/."},{"key":"e_1_3_1_12_2","doi-asserted-by":"crossref","unstructured":"Harris C.B. and Harris I.G. GLAsT: Learning formal grammars to translate natural language specifications into hardware assertions. In Design Automation Test in Europe Conf. Exhibition (DATE) 2016 966\u2013971.","DOI":"10.3850\/9783981537079_0334"},{"key":"e_1_3_1_13_2","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-018-0002-y"},{"key":"e_1_3_1_14_2","unstructured":"Liu P. Qiu X. and Huang X. Recurrent neural network for text classification with multi-task learning. CoRR abs\/1605.05101 2016 eprint: 1605.05101."},{"key":"e_1_3_1_15_2","doi-asserted-by":"publisher","DOI":"10.1007\/11671299_34"},{"key":"e_1_3_1_16_2","unstructured":"OWASP. Source Code Analysis Tools 2021; https:\/\/owasp.org\/www-community\/Source_Code_Analysis_Tools."},{"key":"e_1_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/3380446.3430634"},{"key":"e_1_3_1_18_2","unstructured":"Radford A. et al. Language Models are Unsupervised Multitask Learners 2019 24."},{"key":"e_1_3_1_19_2","first-page":"56","volume-title":"Future Technologies Conf. (FTC)","author":"Rahit K.M.T.H.","year":"2019","unstructured":"Rahit, K.M.T.H., Nabil, R.H., and Huq, M.H. Machine Translation from Natural Language to Code Using Long-Short Term Memory. In Future Technologies Conf. (FTC). Springer, International Publishing, Oct. 2019, 56\u201363,"},{"key":"e_1_3_1_20_2","doi-asserted-by":"publisher","DOI":"10.1162\/tacl_a_00266"},{"key":"e_1_3_1_21_2","doi-asserted-by":"crossref","unstructured":"Sundermeyer M. Schl\u00fcter R. and Ney H. LSTM neural networks for language modeling. In Conf. Int. Speech Communication Assoc. 2012.","DOI":"10.21437\/Interspeech.2012-65"},{"key":"e_1_3_1_22_2","unstructured":"The MITRE Corporation (MITRE). 2021 CWE Top 25 Most Dangerous Software Weaknesses 2021; https:\/\/cwe.mitre.org\/top25\/archive\/2021\/2021_cwe_top25.html."},{"key":"e_1_3_1_23_2","unstructured":"The MITRE Corporation (MITRE). CWE - CWE-Compatible Products and Services Dec. 2021; https:\/\/cwe.mitre.org\/compatible\/compatible.html."},{"key":"e_1_3_1_24_2","unstructured":"The MITRE Corporation (MITRE). CWE-1194: CWE VIEW: Hardware Design July 2021; https:\/\/cwe.mitre.org\/data\/definitions\/1194.html."},{"key":"e_1_3_1_25_2","first-page":"5998","volume-title":"Advances in Neural Information Processing Systems 30","author":"Vaswani A.","year":"2017","unstructured":"Vaswani, A. et al. Attention is All you Need. In Advances in Neural Information Processing Systems 30. I. Guyon et al, (eds.). Curran Associates, Inc., 2017, 5998\u20136008."}],"container-title":["Communications of the ACM"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3610721","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3610721","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3610721","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:37:11Z","timestamp":1750178231000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3610721"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1,22]]},"references-count":24,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2025,2]]}},"alternative-id":["10.1145\/3610721"],"URL":"https:\/\/doi.org\/10.1145\/3610721","relation":{},"ISSN":["0001-0782","1557-7317"],"issn-type":[{"value":"0001-0782","type":"print"},{"value":"1557-7317","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,1,22]]},"assertion":[{"value":"2025-01-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}