Stop checking AI-generated code. Start generating less of it

According to Sonar’s State of Code Developer Survey report for 2026, based on a survey of over 1,100 developers, 42% of committed code is now AI-assisted, and roughly 29% of it gets merged without manual review. Not “light review.” No review at all.

The industry’s response has been predictable: more guardrails. Static analysis. Token linting. Visual regression testing. Accessibility audits. Security scans. Each tool is a reasonable reaction to a real failure mode. Taken together, though, they describe something uncomfortable: a system permanently compensating for its own unreliability. The AI generates. The tooling checks. The developers arbitrate. And the whole apparatus scales linearly with the volume of code being produced.

That is the wrong scaling curve for any enterprise that plans to build more than a handful of applications.

The conventional framing — “How do we build better guardrails for AI-generated code?” — is not wrong. In my opinion, it is just incomplete. The more productive question should be, “How do we reduce the amount of code that needs guardrails in the first place?”

That question leads us to a fundamentally different architecture, one that thoughtfully applies AI on an escalating curve from zero to partial to full code generation. One I call the AI assembly model.