jameslk 3 hours ago
Malicious libraries will drive more code to be written by LLMs. Currently, malicious libraries seem to be typically trivial libraries. A WhatsApp API library is just on the edge of something that can be vibe coded, and avoiding getting pwned may be a good enough tipping point to embrace NIH syndrome more and more, which I think would be a net negative for F/OSS.

The incentives are aligned with the AI model companies, which benefit from using more tokens to code something from scratch.

Security issues will simply move to LLM-related security holes.