This guidance is now deprecated. Read the new guidance at AI digital toolkit

Security

This guidance helps you use AI tools securely in government software development.

Key security risks when using AI

How to check AI-generated code for vulnerabilities

AI-generated code can contain security vulnerabilities or accidentally embed secrets like API keys.

Do:

  • Review code for vulnerabilities, especially those found in the OWASP Top 10
  • Check code for any embedded secrets like API keys or database credentials
  • Scan generated code with a Static Application Security Testing (SAST) tool
  • Ensure that security-specific code like encryption is carefully reviewed

Don’t:

  • Assume AI-generated code is free of vulnerabilities
  • Trust that AI-generated code implements security-critical functionality correctly

How to secure dependencies in AI-generated code

AI-generated code can import packages that have known vulnerabilities, or packages that attackers have planted for the purpose of being picked up in this way.

Do:

  • Scan all dependencies with a Software Composition Analysis (SCA) tool to highlight any vulnerabilities
  • Use constraints such as “Use secure and up-to-date dependencies” in your prompts
  • Check any unfamiliar packages for trustworthiness using a service like deps.dev

Don’t:

  • Assume dependencies included in AI-generated code are secure or non-malicious
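The two sections above (checking generated code for embedded secrets, and checking that its dependencies are known and vetted) can both be backed by a lightweight pre-review check. The script below is an added example, not part of this guidance or of any tool it names; the secret patterns, the approved-package list and the sample "generated" code are constructed for illustration, and a real SAST or SCA tool covers far more cases.

```python
import re
from dataclasses import dataclass

# Heuristic shapes of common credentials (constructed for this example; a real
# secret scanner has far broader coverage).
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "generic_api_key": re.compile(
        r"(?i)\b(api[_-]?key|secret|token)\s*=\s*['\"][^'\"]{16,}['\"]"),
    "db_url_with_password": re.compile(r"(?i)\b\w+://[^:/\s]+:[^@/\s]+@"),
}

# Matches `import pkg` and `from pkg import ...` at the start of a line.
IMPORT_RE = re.compile(r"^\s*(?:import\s+([\w.]+)|from\s+([\w.]+)\s+import)")


@dataclass
class Finding:
    kind: str    # "secret" or "unvetted_dependency"
    line: int    # 1-based line number in the scanned source
    detail: str  # pattern name or package name


def scan_generated_code(source: str, approved_packages: set[str]) -> list[Finding]:
    """Flag embedded secrets and imports of top-level packages not on the approved list."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for name, pattern in SECRET_PATTERNS.items():
            if pattern.search(line):
                findings.append(Finding("secret", lineno, name))
        m = IMPORT_RE.match(line)
        if m:
            top_level = (m.group(1) or m.group(2)).split(".")[0]
            if top_level not in approved_packages:
                findings.append(Finding("unvetted_dependency", lineno, top_level))
    return findings


# Constructed sample of AI-generated code: a look-alike package name and two
# hard-coded credentials (the values are fake).
SAMPLE = '''import os
import requests
import requets_utils
API_KEY = "example-not-a-real-key-0123456789"
DATABASE_URL = "postgres://app:Passw0rd!@db.internal:5432/app"
'''

APPROVED = {"os", "sys", "json", "re", "requests"}

if __name__ == "__main__":
    for f in scan_generated_code(SAMPLE, APPROVED):
        print(f"line {f.line}: {f.kind} ({f.detail})")
```

Run it over a generated file before review; any finding is a prompt to remove the secret or to vet the package with a service like deps.dev before the code is merged.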

How to protect your development environment

Local AI tools like Cursor can expose you to risk, for example by reading local credentials or by connecting to external systems through plugins and MCP servers.

Do:

  • Prevent local user credentials and auth tokens from being exposed to the AI tool (for example with a .cursorignore file)
  • Only install AI tool plugins maintained by trusted organisations
  • Use only approved MCP servers when connecting AI tools to external systems—MCP is currently in review and limited to pilot projects (see Defra MCP Guidance)

Don’t:

  • Use any untrusted data when writing prompts or user stories that end up in prompts
  • Install untrusted plugins
  • Auto-approve MCP tool calls without review
