The Commonplace
Home Papers Evidence Explore Trends Syntheses Digests About 🎲 Workforce Futures
← Papers
Direction, evidence grade, and study type are AI-generated labels (gpt-5-mini), not human-verified. Syntheses are LLM-written. "Tensions" are machine-detected candidates, not confirmed contradictions. A research-acceleration tool, not peer review. How this is built →

Automated detectors suggest LLM-generated code is common but falling and concentrated in tests and duplicated snippets, while LLM-like comments stay steady; company repositories show higher detected usage, and only a small fraction of human-labeled bugs are associated with flagged LLM code.

An Exploratory Study on LLM-Generated Code and Comments in Code Repositories
Yongyi Ji, Jiaji Wang, Yi Zhou, Fuxiang Chen, Hongji Yang · July 02, 2026
arxiv correlational low evidence 7/10 relevance Full text usable extracted full text Source PDF
Using detector-based labels on 2021–2025 repositories, the paper finds LLM-detected code declined over time, appears disproportionately in tests and duplicated snippets, comments flagged as LLM-generated remain stable and often grammatically imperfect, company repositories show higher detected use, and only a small share of human-labeled bugs are linked to detected LLM-generated code.

The use of LLMs in software development has become increasingly widespread on tasks such as code generation and summarization. Reports from large technology companies showed that around 20% to 30% of their code are generated by LLMs. However, there remains skepticism about the practical usage of LLM-generated code and comments, such as concerns on more time for debugging the generated code and the unnaturalness of the generated comments. In this paper, we study the code and comments detected as likely to be generated by LLMs and their characteristics, the differences between company- and community-maintained repositories, and how likely bugs are associated with LLM-generated code. We conduct extensive experiments on active company- and community-maintained repositories from 2021 to 2025 using various tools and techniques that detect code and comments generated by LLMs. Based on our detector-based proxy analysis, the results suggest that code detected as likely to be generated by LLMs decreased over time and appeared frequently in test cases, while that of comments remains relatively stable. Proxy results further suggest that code detected as likely to be generated by LLMs shows substantial intra-repository code clones, whereas comments exhibit a relatively low proportion of grammatically correct sentences. In addition, the company-maintained repositories show a higher percentage of code and comments detected as likely to be generated by LLMs, and only a small percentage of the human-labelled bugs are detected as being likely associated with LLM-generated code.

Summary

Main Finding

Using a detector-based proxy analysis on eight active repositories (2021–2025), the authors find that code flagged as likely LLM-generated has declined over time while comments flagged as likely LLM-generated remained stable. Much of the flagged code appears in test files and exhibits high rates of intra-repository file-level cloning; flagged comments have high punctuation rates but lower grammatical accuracy. Company-maintained repositories show higher percentages of flagged code/comments and more clones. Only a small share of human-labeled post-2021 bugs appear associated with LLM-flagged code (≈10.8% in NVD, 5.6% in OSS-Fuzz). All findings are presented as detector-output proxies, not ground-truth labels.

Key Points

  • Scope and datasets
    • 8 repositories analyzed (Go-github, Guava, Liquid, Zap, Act, Jadx, Kafka, Pandas), snapshots Oct 2021–Oct 2025.
    • Bug analysis used PreciseBugs (human-labeled bugs introduced after 2021).
  • Detection methods
    • Employed a suite of zero-shot detectors: Binoculars, Log-Likelihood, Entropy, Rank, Log-Rank, LRR, DetectGPT, Fast-DetectGPT, and DetectCodeGPT.
    • Comment-detection thresholds calibrated via the AISE dataset filtered to files last modified before 2021; code used DetectCodeGPT default threshold.
  • Quantitative findings
    • Temporal trend: proportion of code flagged as likely LLM-generated decreased over 2021–2025; flagged comments relatively stable.
    • Location: flagged code concentrated in test cases; flagged comments mainly categorized as Explanation/Meta.
    • Cloning: majority of repositories have >70% file-level clones among flagged code; method-level clones generally low (max ≈34.2%). Compared with GPTCloneBench, many flagged code pieces had no external clones.
    • Comment quality signals: ~90% proper punctuation on average, but relatively low grammatical correctness and limited use of AI-specific vocabulary.
    • Company vs community: company-maintained repos show higher percentages of flagged code/comments and more clones.
    • Bugs: only a small fraction of human-labeled bugs in investigated datasets likely associated with LLM-flagged code (NVD: 10.79%; OSS-Fuzz: 5.56%).
  • Limitations
    • No ground-truth labels — results are proxy-based, dependent on detector choices and thresholds.
    • Detector performance and thresholds may vary by domain (code vs comment) and by detector type; errors (false positives/negatives) possible.
    • Watermarking and supervised detection methods were not used.

Data & Methods

  • Repositories: selected 8 active company- and community-maintained projects, covering Oct 2021–Oct 2025 (motivation: key LLM releases/open-source since 2021).
  • Detection pipeline:
    • Applied multiple zero-shot detectors spanning three methodological classes:
      • Statistical-based (log-probability, rank, entropy variants, Fast-DetectGPT),
      • Perturbation-based (DetectGPT, DetectCodeGPT),
      • Model-comparison-based (Binoculars).
    • Calibration:
      • Comments: thresholds chosen via AISE dataset (filtered to pre-2021 file edits to improve the human-written baseline).
      • Code: used DetectCodeGPT default threshold (benchmarked on developer repos).
  • Post-detection analyses:
    • Manual coding to categorize detected code/comments (e.g., test vs production files; Explanation/Meta comments).
    • Code-clone analysis: intra-repository, cross-repository, and comparison to GPTCloneBench.
    • Comment quality measures: punctuation rate, grammatical correctness, AI-vocabulary frequency.
    • Bug association: matched flagged code to PreciseBugs (NVD and OSS-Fuzz subsets) to compute proportions of bugs likely associated with flagged code.
  • Reproducibility: scripts and experiment code made available by authors.

Implications for AI Economics

  • Adoption and measured use vs claims
    • Firms report high LLM usage (public reports ~20–30% LLM-generated code in some companies), but detector-based repo evidence shows a declining share of flagged code over 2021–2025 and a concentration in test code. This suggests heterogeneity in how LLMs are actually integrated into production engineering workflows and potential overstatement or different measurement definitions across sources.
  • Productivity vs quality trade-offs
    • Concentration of flagged code in tests and limited association with bugs implies firms may be using LLMs for lower-risk, productivity-focused tasks (e.g., test scaffolding, examples, boilerplate). Economically, this supports a model where LLMs substitute low-complexity developer tasks first, delivering quick productivity gains while limiting exposure to high-cost bug risk.
  • Firm strategy and differential adoption
    • Company-maintained repos having higher flagged rates suggests firms may more aggressively adopt LLMs (internal tools, premium access, integration into CI/CD). This points to a bifurcated market: firms investing in LLM tooling and workflow integration vs community projects being more conservative.
  • Markets for detection, auditing, and compliance
    • Detector-based uncertainty and the lack of ground-truth highlight opportunity for markets providing robust provenance, watermarking, and auditing services. Demand drivers: legal/IP attribution, compliance (secure code provenance), and procurement/assurance for critical systems. Vendors that can credibly attribute LLM involvement or certify low-risk use will have economic value.
  • Liability, security, and maintenance costs
    • Small but nonzero proportions of bugs linked to LLM-flagged code indicate potential exposure to security and liability costs. Firms will need to internalize testing and code review costs when deploying LLM-generated artifacts. Economic analyses should account for post-deployment debugging, longer-term maintenance costs from cloned/boilerplate LLM outputs, and potential legal risk (copyright, licensing).
  • Labor and task reallocation
    • Findings are consistent with LLMs displacing or reshaping routine coding tasks (tests, boilerplate), increasing demand for higher-skill tasks (design, verification, system integration). This suggests short-term productivity gains but shifting labor composition—greater emphasis on code review, tooling, and evaluation roles.
  • Investment and R&D priorities
    • Given detector uncertainty and repository patterns, investments that increase the reliability of LLM outputs (better fine-tuning for code, integrated testing, model auditing) or reduce downstream costs (automated test generation, clone-detection tools) are economically attractive.
  • Policy and regulation
    • Empirical uncertainty underscores the need for standards (e.g., provenance labeling, watermarking mandates) if policymakers want to regulate LLM usage in safety-critical software. Regulations would create market demand for detection/compliance solutions but also raise compliance costs for firms.
  • Research & evaluation needs for economic models
    • For accurate cost-benefit analyses, economists need better ground-truth datasets on LLM usage and longitudinal measures of maintenance costs, bug-remediation expenditures, and productivity metrics across firms and open-source projects.

Suggestions for stakeholders - Firms: treat current LLMs as productivity multipliers for low-risk tasks but invest in code-review and testing pipelines; consider adopting provenance/watermarking where liability matters. - Tool vendors: opportunity to offer robust detection, watermarking, auditing, and integration with CI/CD; products that reduce false positives/negatives will command premium. - Researchers/policymakers: prioritize building ground-truth datasets and standardized benchmarks to make economic assessments of LLM adoption reliable.

Limitations to carry into economic interpretation - Results are detector-proxy based (no ground truth), so economic conclusions should account for detection uncertainty and potential measurement bias. Further work should combine detector outputs with firm-internal logs and controlled audits for robust valuation.

Assessment

Paper Typecorrelational Evidence Strengthlow — Findings rely on automated detectors as a proxy for LLM-generated code/comments rather than ground-truth provenance, producing measurement error and potential systematic bias; analysis is observational and associative, so causal claims (e.g., LLMs causing fewer/more bugs) are not supported. Methods Rigormedium — The study analyzes a large, multi-year corpus of company and community repositories and compares multiple artifact types (code, tests, comments) and repo types, which strengthens external validity; however, heavy reliance on heuristics/detectors with limited or unspecified validation, potential sample selection issues (active repos, likely language and visibility biases), and limited causal identification reduce overall rigor. SampleActive company-maintained and community-maintained software repositories collected from 2021–2025; code files, test files, and comments processed with several LLM-detection tools to flag likely LLM-generated artifacts; additional small human-labeled subset of bugs used to assess association with detected LLM-generated code. Themesadoption productivity GeneralizabilityDependent on accuracy and training scope of LLM-detection tools—false positives/negatives can bias results, Sample restricted to active, observable repositories (likely public and larger-company repos), so private/internal codebases or smaller projects may differ, Language and ecosystem coverage may be narrow (certain programming languages or frameworks overrepresented), Temporal trends may reflect changes in detection models, LLM behavior, or developer practices rather than true changes in LLM usage, Human-labeled bug subset is small and may not be representative of all bug types or repositories

Claims (9)

ClaimDirectionOutcomeConfidence & EvidenceDetails
Reports from large technology companies showed that around 20% to 30% of their code are generated by LLMs. Adoption Rate positive proportion of code generated by LLMs
Reading fidelity high
Study strength medium
20% to 30%
0.3
Code detected as likely to be generated by LLMs decreased over time (2021–2025). Adoption Rate negative proportion of code detected as likely LLM-generated over time
Reading fidelity high
Study strength medium
not reported
0.3
Code detected as likely to be generated by LLMs appeared frequently in test cases. Task Allocation positive frequency/proportion of LLM-detected code located in test cases
Reading fidelity high
Study strength medium
not reported
0.3
Comments detected as likely to be generated by LLMs remain relatively stable over time. Adoption Rate null_result proportion of comments detected as likely LLM-generated over time
Reading fidelity high
Study strength medium
not reported
0.3
Code detected as likely to be generated by LLMs shows substantial intra-repository code clones. Output Quality mixed rate/proportion of intra-repository code clones among code detected as LLM-generated
Reading fidelity high
Study strength medium
not reported
0.3
Comments exhibit a relatively low proportion of grammatically correct sentences. Output Quality negative proportion of grammatically correct sentences in comments detected as likely LLM-generated
Reading fidelity high
Study strength medium
not reported
0.3
Company-maintained repositories show a higher percentage of code and comments detected as likely to be generated by LLMs compared to community-maintained repositories. Adoption Rate positive percentage of code and comments detected as likely LLM-generated by repository maintenance type (company vs. community)
Reading fidelity high
Study strength medium
not reported
0.3
Only a small percentage of the human-labelled bugs are detected as being likely associated with LLM-generated code. Error Rate negative percentage of human-labelled bugs associated with code detected as likely LLM-generated
Reading fidelity high
Study strength medium
not reported
0.3
There remains skepticism about the practical usage of LLM-generated code and comments, including concerns that generated code may take more time to debug and that generated comments may be unnatural. Developer Productivity negative perceived debugging time and perceived naturalness of comments
Reading fidelity medium
Study strength speculative
not reported
0.03

Notes