Booz | Allen | Hamilton just tested 5 AI coding models across 2,800 trials and 460,000 lines of code.

Chinese LLMs produced more vulnerable code when the developer appeared to be working for the US government.
The vulnerabilities were obfuscated and undetectable by traditional security tools. Qwen3-Coder, already embedded in widely used development tools, was the worst offender.
@BoozAllen Recommendation is direct: ban untrusted AI models from government and critical infrastructure, establish end-to-end software provenance and independently test every model before deployment.
The Huawei comparison in the report is worth reading. The US spent a decade watching Chinese telecom manufacturers embed themselves in American infrastructure.
The rip-and-replace cost reached billions and is still ongoing in 2026. Booz Allen argues the Chinese open-source AI ecosystem presents a greater threat due to the speed and scale of adoption.
This is the exact problem @Conste11ation built Gate AI to solve. It sits inline between the AI agent and the model provider, scanning every request and every response in real time.
Prompt injection defense scores 97.4% F1 at a strict 1% false-positive budget across 16 public benchmarks 10 points ahead of Lakera Guard, which Check Point acquired for $300M.
Every interaction produces a tamper-evident audit trail anchored to the Digital Evidence layer. Cryptographically verifiable by anyone, not just trusted. Free to start, self-serve, no procurement loop.