The Naked Truth About Chatbots and PHP

If you've ever asked a general-purpose LLM to "write me a WordPress plugin," you already know how this story ends. You get a single 400-line file. It registers a hook with the wrong priority. It writes directly to $wpdb with an un-sanitized $_POST value. It calls a function that was deprecated three major versions ago. And the AJAX handler it just generated would happily execute for any unauthenticated visitor who knows the action name.

The frustrating part isn't that the model is "dumb." It's that it's doing exactly what it was built to do.

A general-purpose model is a statistical next-token predictor. It was trained on a giant pile of internet text, which includes excellent code, mediocre code, and a frankly alarming amount of insecure 2014-era StackOverflow snippets that someone copy-pasted into a tutorial. When you ask it for a plugin, it isn't reasoning about the WordPress Plugin Handbook. It's predicting what the next plausible character is, weighted by everything it ever absorbed — good and bad alike. Security isn't a constraint in that process. It's just one more pattern competing with thousands of insecure ones.

So the question we set out to answer wasn't "how do we make the model smarter?" It was a software engineering question: how do you wrap a probabilistic text generator inside a deterministic system that refuses to emit code violating a fixed set of rules?