虎嗅 2026-04-01

The 'Shit Mountain Crisis' of AI Code Is Just Beginning

App Store crackdown signals a turning point

Apple removed an app called Anything from the App Store for violating guideline 2.5.2 — the rule banning apps that download or execute unreviewed code. It has been reported that Anything raised $11 million on a $100 million valuation in September 2025 and had helped users publish thousands of apps. Apple had already frozen updates for similar tools such as Replit and Vibecode for months. Is this enforcement the start of a wider clampdown on a new generation of instant‑app builders? Platforms are clearly nervous.

Viral "vibe coding" meets hard reality

The idea of “vibe coding” — writing by feel and letting AI supply the rest — traces to OpenAI co‑founder Andrej Karpathy and became shorthand for lightning‑fast app creation. It has been reported that a Chinese entrepreneur, Yang Tianrun (杨天润), who never wrote code professionally, used AI tools to contribute to a star GitHub project in 72 hours and briefly ranked among its top contributors. Yet Yang himself warned that such tools “only suit demos, not production.” Security research backs him up: Replit engineering scans reportedly found ~10% of sampled sites had severe data‑exposure bugs; a wider sweep by Escape flagged thousands of vulnerabilities, hundreds of exposed keys and scores of personal data leaks. Promise meets peril when creators lack knowledge of architecture, permissions and long‑term maintenance.

Open source and platform ecosystems under strain

The flood of low‑quality AI PRs and automated bug reports is choking maintainers. cURL’s creator Daniel Stenberg shut down a six‑year bug bounty after being overwhelmed by AI‑generated false reports; he described the influx as a DDoS on open source. Projects including Ghostty and tldraw have tightened contribution rules. GitHub in February 2026 added repository settings to disable or restrict pull requests — a platform‑level “off switch.” Meanwhile, app stores are seeing a surge in submissions: US iOS app releases rose sharply in late 2025, feeding a tide of cheaply produced apps that can be re‑issued at minimal cost when rejected. Tencent Technology (腾讯科技) and others have sketched the same chain: low entry cost, massive volume, and disproportionate downstream review burden.

Cost asymmetry demands new guardrails

Research raises doubts about the efficiency gains claimed for AI coding: a randomized study found AI tools lengthened task completion time for experienced developers, despite participants believing they were faster. Analysts warn that as generation costs collapse and review costs remain fixed, the system is unbalanced — RedMonk’s Kate Holterhoff dubbed the phenomenon “AI Slopageddon.” This is not just a technical problem; it sits against a backdrop of heightened geopolitical scrutiny of advanced AI, export controls and platform policy debates that will shape how tools are governed. Platforms, enterprises and regulators now face a simple choice: build incentives and controls that force responsibility, or watch the maintenance and security debt pile ever higher. Who will pay for cleaning up the mountain of bad code?
