A developer used GitHub Copilot to build a browser-based COBOL IDE with zero prior COBOL experience, and it worked impressively well. However, reading the generated code revealed a critical remote code execution vulnerability: user-submitted COBOL was compiled and run directly on the server with no sandboxing. Copilot never
Table of contents
Copilot and COBOL, The Unnatural Marriage
“Surely It Can’t Write COBOL”
And Then I Actually Read the Code
The Fix a Developer Actually Makes
The Empire Strikes Back, But Not Alone