AI Coding Needs Supply Chain Controls at Commit Time
Relay Network’s AI coding rollout is useful because the security change was not framed as a policy memo. It was pushed into the workflow: approved AI tooling, security feedback inside development, and pre-commit checks before code reached a pull request.
The source is a Snyk customer story, so it should be read with that context. It is still specific enough to matter for security operations. The core point is not that one vendor tool solves AI coding risk. The point is that AI-assisted development changes where risk appears. If code is generated faster, weak dependencies and insecure patterns can also appear faster. Controls that only fire during CI or pull request review may be too late for the way developers now work.
Relay Network’s answer was to move security closer to code creation.
What changed#
Relay Network, a software company based in Radnor, Pennsylvania, builds a B2C communications platform used by regulated enterprises. According to Snyk, the company already treated security as part of engineering rather than as a separate review function. Brendan Putek, Director of DevOps, leads a platform engineering group covering security, developer enablement, CI/CD, cloud operations, and site reliability engineering. Esaie Batoula, Security Engineer, works on the tooling, patterns, and automation that help developers own remediation.
That operating model matters. AI coding assistants do not land cleanly in organizations where security is only a gate at the end. They increase the pressure on every handoff.
Relay Network standardized early on GitHub Copilot because it fit its GitHub environment and gave developers an approved enterprise AI tool. That last point is not cosmetic. In many companies, the first AI security problem is not the model. It is unsanctioned use. If developers do not have a usable internal path, they may paste code or context into unmanaged consumer services. That creates a privacy risk and an audit problem before any generated code is even committed.
The company’s concern was straightforward: AI improved productivity, but it could also accelerate vulnerable code and dependency choices. The risk was not new in kind. It was new in speed.
Relay then integrated Snyk into the AI-assisted coding workflow. Before, developers often saw security findings after opening a pull request. By that point, the work was mentally “done,” context was fading, and security questions went back to Batoula. Snyk quotes him describing a familiar pattern: a security check fails in the PR, the developer wants to ship, and security has to explain the issue and remediation.
The company wanted findings earlier. With Snyk integrated into GitHub Copilot, developers could receive security feedback while generating or editing code, then apply fixes before commit.
Why it matters for the software supply chain#
This is a software supply chain story even though it is not about a dramatic package registry compromise.
Most supply chain failures are not cinematic. They are small trust decisions repeated at scale: which package enters the codebase, which generated function gets accepted, which maintainer access is treated as safe, which warning gets deferred until later. AI coding tools change the volume and tempo of those decisions.
A pull request gate can still be useful. It is not enough by itself. The later a finding appears, the more expensive it becomes socially and operationally. The developer has already moved on. The reviewer is now blocking delivery. Security becomes the department that says no after the work is complete.
Relay Network’s model tries to reverse that. The security prompt appears while the developer still has the code in hand. That is the practical value of “secure at inception,” stripped of slogan weight. It is not a claim that all bugs disappear. It is a claim about timing and context.
The source also says Relay Network extended the workflow with custom pre-commit hooks. Batoula built on Snyk’s hooks with checks tailored to Relay’s workflow, scanning newly introduced code before it could be committed. The goal was to catch issues before PR review, not days later in CI.
That is a useful pattern for teams beyond this specific toolchain:
- give developers an approved AI assistant rather than pretending shadow AI will not happen;
- place security feedback in the IDE, assistant, or commit path where context is still fresh;
- keep CI and PR checks as backstops, not the first meaningful control;
- tune hooks to local workflows instead of relying only on default rules;
- measure whether questions and escalations drop, not just whether scans run.
The source reports that before the change, Batoula was receiving five to ten developer questions per day about security findings. It also states that Relay had reduced a historical backlog and maintained zero critical and zero high-severity issues across its codebase. Those are vendor-reported customer-story claims, not independently verified audit findings. Still, they indicate the kind of operational signal worth tracking: fewer late surprises, fewer security handoffs, and less unresolved high-priority risk.
What to check before copying the model#
The useful lesson is not “install the same stack.” The useful lesson is where to place the control.
Teams considering a similar setup should start with the actual development path. Where do developers create code? Where do they accept AI suggestions? Where do dependencies get introduced? Where do secrets, customer data, or regulated data appear in prompts or logs? A control that misses those moments will produce reports but not behavior change.
For AI coding and open source security, check at least four areas.
First, approved tool coverage. If GitHub Copilot, another assistant, or an internal model is allowed, define what can be sent to it. The policy should cover source code, customer data, credentials, logs, and proprietary context. A sanctioned tool reduces shadow AI only if it is available, usable, and clearly preferred.
Second, dependency handling. AI can suggest packages with confidence, including packages the developer has not evaluated. Treat generated dependency additions as supply chain events. Check package registry reputation, maintenance activity, license constraints, known vulnerabilities, and whether trusted publishing or similar provenance controls exist where relevant.
Third, maintainer and automation access. A secure coding assistant does not fix weak repository permissions. Review who can publish packages, merge code, bypass checks, rotate tokens, or approve workflows. AI can accelerate code production, but overbroad maintainer access still defines the blast radius.
Fourth, commit and PR enforcement. Pre-commit hooks are useful because they catch problems early, but they are not a security boundary by themselves. Developers can misconfigure or bypass local hooks. Server-side checks, protected branches, CI policy, and review requirements still matter. The stronger model is layered: local feedback for speed, central enforcement for assurance.
For teams already following software supply chain work, this fits the same direction as broader ecosystem guidance: make security artifacts operational, not decorative. SBOMs, vulnerability scans, provenance signals, and test coverage only matter when they affect decisions. GigaTap has covered that same operational turn in OpenSSF’s April signal and in the argument that package test coverage matters when it becomes a real release condition, not a badge.
Related reading:
- OpenSSF’s April signal: make security artifacts operational: https://gigatap.top/en/articles/openssfs-april-signal-make-security-artifacts-operational
- 100% package test coverage is the point, not the slogan: https://gigatap.top/en/articles/100-package-test-coverage-is-the-point-not-the-slogan
- Open Source Security Needs More Than Code: https://gigatap.top/en/articles/open-source-security-needs-more-than-code
What not to overclaim#
This source does not prove that AI-generated code is safe. It does not prove that Snyk plus GitHub Copilot eliminates vulnerable dependencies. It does not provide enough detail to compare false positives, false negatives, scan coverage, or exploitability scoring accuracy.
It also does not settle the privacy side of AI development. Standardizing on an enterprise assistant can reduce unmanaged usage, but teams still need clear rules for what code and data may be submitted to AI systems. That is a security operations issue, a legal issue, and often a customer trust issue.
The stronger claim is narrower and more useful: Relay Network treated AI coding as an engineering workflow change, not as a novelty to be handled by after-the-fact review. It put security feedback near the moment of code creation, added pre-commit checks, and kept the developer responsible for remediation while context was still fresh.
That is the part worth copying. Not the slogan. The placement.