What security issues are AI coding tools still missing today?

I'm building ZenVeil, a security platform focused on helping developers find, understand, and fix security issues in repositories, local codebases, and APIs.

One thing I've noticed is that AI-generated code can dramatically accelerate development, but it can also introduce vulnerabilities that are easy to miss during reviews.

We've been testing detection for:

• Exposed secrets and credentials

• Vulnerable dependencies and supply-chain risks

• Missing security headers

• Authentication and authorization issues

• Common API security weaknesses

I'm curious:

What security issue do you think current AI coding tools are still bad at catching?

Are there particular vulnerabilities or workflows you'd want a tool like this to help with?

I'd love to hear feedback before our Product Hunt launch.