Cisco donates CodeGuard to CoSAI as research exposes persistent LLM code vulnerabilities
Cisco donated its model-agnostic CodeGuard security ruleset to CoSAI while new research shows LLM code generators reliably repeat exploitable patterns, raising the bar for secure-by-default AI coding. OASIS Open details CodeGuard’s coverage and IDE-assistant integrations like Cursor, GitHub Copilot, Windsurf, and Claude Code ([Cisco Donates Project CodeGuard to Coalition for Secure AI](https://www.oasis-open.org/2026/02/09/cisco-donates-project-codeguard-to-coalition-for-secure-ai/)[^1]). Research on “vulnerability persistence” introduces FSTab to predict and exploit recurring flaws in LLM-generated software with high cross-domain success, and domain-focused safety stacks like Guardrails AI are emerging to catch dangerous outputs ([AI Code Generation Tools Repeat Security Flaws](https://quantumzeitgeist.com/ai-security-code-generation-tools-repeat-flaws/)[^2]; [Inside Guardrails AI](https://www.webpronews.com/inside-guardrails-ai-how-a-seattle-startup-is-deploying-clinical-expertise-to-neutralize-the-most-dangerous-failures-in-artificial-intelligence/)[^3]). [^1]: Official announcement of the CodeGuard donation, scope, and integrations with popular AI coding assistants. [^2]: Summarizes FSTab and evidence of predictable, repeatable vulnerabilities (e.g., high success versus Claude‑4.5 Opus). [^3]: Example of domain-specific guardrails and enterprise safety demand context.